A group of researchers tested 14 services and the news ain't good.
It didn't take long for exploit kit authors to incorporate an exploit for the recently discovered zero-day Adobe Flash vulnerability (CVE-2015-3113) into their malicious wares.
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content Security Management Virtual Appliance (SMAv) software.
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP Patrick Barker.
A researcher shared his discovery of fifteen flaws of varying severity in a number of font engines used by Microsoft's Windows, Adobe's Reader software, popular modern browsers, and so on.
Brian Honan, CEO at BH Consulting, talks about a recent vulnerability disclosure trend – a trend that he believes may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.
Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.
A security researcher that goes by the name Chloe recently tested around 1,400 Tor exit nodes by setting up a Bitcoin-themed phishing site.
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries.
Dyre's primary goal is to harvest victims' online credentials, and it's capable of doing this by mounting Man-in-the-Browser attacks against the three most commonly used Windows browsers: Internet Explorer, Firefox, and Chrome.