Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.
Stories by Lucian Constantin
A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security researchers from Finnish antivirus vendor F-Secure.
Microsoft's official YouTube channel was hijacked on Saturday and all videos hosted on it were temporarily removed. The hacker replaced them with others claiming that Microsoft is holding a contest.
A weakness in XML Encryption can be exploited to decrypt sensitive information, researchers say.
Experts from security vendor ESET warn that TDL4, one of the most sophisticated pieces of malware in the world, is being rewritten and improved (http://blog.eset.com/2011/10/18/tdl4-rebooted) for increased resilience to antivirus detection.
Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or microphones without their knowledge.
Opera Software has released an update for its desktop browser in order to address a critical vulnerability in its handling of Scalable Vector Graphics (SVG) files, disclosed a week ago. The company denies refusing to patch the flaw when it was brought to its attention earlier this year.
The cloud-based design of Amazon's Silk browser has positive security side effects because it encrypts all traffic between users and websites, especially important when connected over unprotected Wi-Fi networks where session hijacking attacks can occur easily, the company said.
A Trojan used by German law enforcement authorities to intercept Internet phone calls is capable of monitoring traffic from 15 programs, including browsers and instant messaging applications.
Oracle has released a new Java security update to address multiple vulnerabilities, including one exploited during a recently disclosed attack that can allow eavesdropping on encrypted communications.
Distributed denial of service and SQL injection are the main types of attack discussed on hacking forums, according to new research from security vendor Imperva.
Some of the users who visited KickassTorrents (KAT), one of the most popular torrent trackers on the Internet, over the weekend had the nasty surprise of being infected with a rogue antivirus program called "Security Sphere 2012."
Searching for Flash Player on Bing and Yahoo can lead to rogue pages distributing a hard-to-remove rootkit, according to security researchers from antivirus vendor GFI Software.
Apple has released a massive security update for Mac OS X along with a new version of its OS. However, according to several reports, installing the patches could render computers unbootable.
The Zeus financial malware has been updated with P-to-P (peer-to-peer) functionality that makes it much more resilient to take-down efforts and gives its controllers flexibility in how they run their fraud operations.