Tizen is Samsung's long-touted OS to replace Android and Israeli security researcher Amihai Neiderman just delivered a talk on it at Kapersky Lab's Security Analyst Summit where he revealed 40 new 0-day flaws in the OS, and showed that he could trivially send malicious code updates to any Tizen device, from TVs to phones, thanks to amateurish mistakes of the sort not seen in real production environments for decades. Read the rest

Wikileaks' seismic Vault 7 release didn't follow the usual Wikileaks procedure: perhaps in response to earlier criticism, the organization redacted many of the files prior to their release, cutting names of CIA operatives and the sourcecode for the cyber-weapons the CIA had developed, which exploit widely used mobile devices, embedded systems, and operating systems. Read the rest

The more we learn about the Shadow Brokers, who claim to be auctioning off "cyberweapons" that crafted for the NSA's use, the scarier the breach gets: some of the world's biggest security companies are tacitly admitting that the exploits in the Shadow Brokers' initial release can successfully penetrate their products, and they have no fix at hand. Read the rest

The House Committee on Oversight and Government Reform has asked dozens of agencies in the US government to disclose whether they used switches made by Juniper, the disgraced US network technology giant that had at least two backdoors inserted into the software for one of its most popular product-lines. Read the rest

The spear-phishing attempt appears to be part of "Pawn Storm," a massive attack that's been underway across the net for more than a month, and involved a rare zero-day (previously unknown) Java exploit. Read the rest

The Electronic Frontier Foundation always has a huge presence at Las Vegas's DEFCON, but this year, we're hosting our first-ever badge-hack contest! Read the rest

A zero-day exploit for Jeep Cherokees allows hackers to control everything from the engine to the air-conditioning over the Internet, overriding the driver at the dashboard. Read the rest

An engineer at Boeing's Insitu subsidiary proposed that the disgraced malware company Hacking Team should add spyware-delivery tools to Insitu's drone platform. Read the rest

The enormous dump of docs from cyber-arms-dealer Hacking Team continues to yield up details, like the time the company tried to sell spying tools to a death squad. Read the rest

Fallout from yesterday's enormous dump of internal documents from Italy's notorious Hacking Team, a cyber-arms dealer for the world's worst autocratic regimes, is just getting started. Read the rest

Ethopia's despotic regime has become the world's first "turnkey surveillance state," thanks to technology sold to it by western companies, including, it seems, Italy's Hacking Team, whose RCS spyware product is implicated in an attack on exiled, US-based journalists reporting on government corruption. Read the rest