Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.
Researchers with FireEye scanned more than 54,000 Android apps in the Google Play store and learned that more than a hundred, downloaded a combined 150 million times, are vulnerable to the Heartbleed bug.
Released Tuesday, the update prevents exploit via "triple handshake" attacks, which could allow a bypass of encryption safeguards.
Although said to be patched, researcher Eloi Vanderbeken discovered during the Easter holiday that backdoors existing in certain wireless routers can be reactivated.
Among the addressed vulnerabilities, was a bug affecting WindowServer, which could allow an attacker to execute malicious code outside the sandbox.
Security firm Mandiant detailed the heartbleed exploit, which was used on one of its clients.
Facebook debunked a reported claim by Mauritania Attacker, the alleged leader of hacktivist collective AnonGhost, that the social media website is vulnerable to DNS attacks.
After reviewing government websites for Heartbleed exploits, HealthCare.gov changed users' passwords.
A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.
Bugcrowd, an Australian security start-up, will organize the funding drive in hopes to further secure the open source software.
The Royal Canadian Mounted Police arrested a 19-year-old man in Ontario who they believe exploited the Heartbleed bug to steal information from a federal agency.
Critical security issues that leave satellite communications vulnerable to being intercepted, manipulated or blocked were detailed in a white paper.
Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.
London-based CNS Hut3 warns that flaws in many Heartbleed detection tools could give companies a "false sense of security."
A fingerprint spoof created in September 2013 to bypass the Touch ID on the iPhone 5s was used to bypass the fingerprint scanner on the Samsung Galaxy S5, which was released on Friday.
Oracle's Critical Patch Update (CPU) plugged 37 holes in the popular Java browser plug-in.
Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached because of the critical flaw.
A quick fix was issued to Flickr SQL injection flaws that could open the door for remote code execution after a researcher identified the issues and reported it to Yahoo.
The social insurance numbers of 900 taxpayers were accessed in the breach, according to the agency.
After a Bloomberg article reported that unnamed sources indicated that the NSA knew of the major flaw and utilized it for surveillance purposes, the agency denied the claims.
This week, critical infrastructure operators were notified of potential threats arising from the critical OpenSSL flaw.
A vulnerability in Google Chrome can allow an attacker to stealthily listen in on someone, even if microphone access is blocked.
The Heartbleed Bug is a critical OpenSSL flaw said to leave online information, including payment card data, vulnerable to being exposed.
Organizations vulnerable to the SSL/TLS encryption-breaking Heartbleed Bug, a critical vulnerability in widely used versions of the OpenSSL library, are updating quickly.
A Tuesday update addresses critical Adobe Flash Player vulnerabilities that could allow an attacker to take control of Windows, Macintosh and Linux systems.
Blackberry issued an advisory yesterday warning Blackberry 10 customers that a remote code execution vulnerability could threaten their phones' security.
Roughly 80,000 Deltek customers may have information at risk, including payment card data for 25,000 of them, after an attacker hacked into Deltek's GovWin IQ system.
This month's Patch Tuesday marks the end of support for the dated, but widely used, products.
Internet communications utilizing SSL/TLS encryption may be at risk due to the Heartbleed Bug, a critical vulnerability in widely used versions of the OpenSSL library.