- FTC settles with developers of sneaky cryptocurrency mining app
- US personnel agency takes system offline after hack
- MIT tests 'software transplants' to fix buggy code
- Malwarebytes offers amnesty to pirates amid licensing overhaul
- Security Short Take: Samsung bows to pressure on Windows Update tweaks
Exploits / vulnerabilities - News, Features, and Slideshows
Like visiting a junk yard to find cheap parts for an aging vehicle, researchers from the Massachusetts Institute of Technology have come up with a way to fix buggy software by inserting working code from another program.
Just four days after Adobe Systems patched a vulnerability in Flash Player, the exploit was adopted by cybercriminals for use in large-scale attacks. This highlights the increasingly small time frame users have to deploy patches.
Cisco Systems said on Thursday it released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.
Several antivirus products from security firm ESET had a critical vulnerability that was easy to exploit and could lead to a full system compromise.
Adobe Systems released an emergency security update for Flash Player Tuesday to fix a critical vulnerability that has been exploited by a China-based cyberespionage group.
Government organizations are struggling when it comes to securing the computer software they use, which could partially explain the large data breaches reported in that sector over the past several years.
A revised patch has been released for a flaw in the distribution platform for Ruby applications, RubyGems, which could be used to deliver malware to someone trying to download a program.
Spies working for the U.S. National Security Agency and its British counterpart found anti-virus and security software a hindrance to their intelligence-gathering processes, and worked to thwart it, according to a report Monday in The Intercept.
Hard on the heels of the release of a newly updated version of SAP Hana, a security researcher has warned of a potentially serious vulnerability in the in-memory platform.
LinkedIn plans to continue closely vetting researchers for its bug bounty rewards program, saying it reduces the number of distracting erroneous and irrelevant reports.
Many commercial software companies and enterprise in-house developers are churning out applications that are insecure by design due to the rapid and often uncontrolled use of open-source components.
A deeper look into the latest version of malware known as Duqu shows it used digital certificates from prominent contract manufacturer Foxconn Technology Group to help mask its activity.
A security researcher says a vulnerability in Apple's mobile email application could be used to trick someone into divulging their iCloud password.
VMware has released security updates for several of its virtualization products in order to address critical vulnerabilities that could allow attackers to break out of virtual machines and execute rogue code on the host operating systems.
Mozilla is giving a raise to security researchers who spot Firefox browser vulnerabilities, more than doubling its maximum reward for information on the most high-risk flaws.