A type of DDoS attack that has until now been mostly theoretical has become reality: CloudFlare engineers have spotted a browser-based Layer 7 flood hitting one of its customers with as many as 275,000 HTTP requests per second.
Here's a treat for hackers and security researchers who don't mind selling information about zero-day vulnerabilities to the highest bidder: Zerodium, the zero-day vulnerability and exploit acquisition firm recently launched by VUPEN founder Chaouki Bekrar, is offering a million dollars for "an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices." All the security improvements and exploit mitigations that Apple implemented in iOS made the popular mobile operating system secure, but not unbreakable, the company has noted.
A slew of vulnerabilities - some already patched and some still not - have been revealed to affect several security offerings by some of the most trusted names in the security market.
Since 2012, a trio of European researchers have known that the Megamos Crypto transponder - used in over 100 cars manufactured by Audi, Ferrari, Fiat, Cadillac, Volkswagen and two dozen more automakers around the world - sports vulnerabilities that can be exploited by attackers to start the cars without needing to have the key (i.e.
Microsoft has pushed out an emergency out-of-band Internet Explorer update, which fixes a critical memory corruption vulnerability (CVE-2015-2502) that is being actively exploited in attacks in the wild.