The Secure Socket Layer (SSL) protocol is under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.
Bluebox Security analyzed the top nine Android tablets for children and found that the majority had multiple security issues that could put childrens' data at-risk.
A five-month-long campaign against organizations in India shows the group is active and evolving, SophosLab reports.
The enterprise software flaws could allow attackers to access customer data, financial info and other critical data at companies.
Pwnium, an annual Google bug bounty event, is being canceled and replaced by rewards given out throughout the year.
Google is providing developers with a multipipe approach to scanning applications for security flaws.
Masque Attack II entails bypassing an iOS prompt for trust and app URL scheme hijacking, FireEye said.
A researcher disclosed details on the vulnerability, which affects several Netgear router models.
After facing backlash, Lenovo removed the software from its computers.
A techie in India discovered a vulnerability that allowed him to delete victims' Facebook photos and albums.
Findings from IBM serve as a reminder this Valentine's Day to boost mobile security efforts, even when dealing with apps from so-called "trusted" marketplaces.
Security researchers said the attack was likely the work of a Chinese espionage group aiming to penetrate the systems of financial services and defense contracting firms.
It took Microsoft a year to patch the critical Windows bug allowing remote code execution (RCE).
Core Security researchers said that the vulnerability in EKI-1221D can be exploited remotely by attackers to execute arbitrary code.
In various campaigns, attackers have exploited Flash bugs to spread the malware, Trend Micro found.
The developers of FancyBox have issued a patch to address the bug, which was actively being exploited in the wild.
A technical paper challenges the misconception that APT groups are inevitable "masters of exploitation."
A Houston nanny got an IT security reality check this past week when an anonymous voice came through the baby monitor of the child she was watching.
The internet is literally crawling with bots. Millions of them scour the farthest reaches of the internet every day, indexing content, testing connections, and making the web more useful overall.
Apple fixed a number of flaws with its latest iOS update and improved stability and performance.
The new program will be rewarding security researchers for discovering vulnerabilities before they even begin their research.
Recent takedowns of Sony and Xbox networks prove that no matter how large the entity, they can be knocked offline.
After 20 million of its dating site users' email addresses were put up for sale online, Topface tracked down the hacker behind the amassed database and paid him "an award for finding a vulnerability.
The number of infections for a malvertising campaign originating on an adult website rose by 1500 percent in a two-day period.
The source code sharing website will up its maximum payout from $5,000 to $10,000 in its bug bounty program's second year.
While the cloud has fundamentally changed the way we do business, it has left organizations feeling vulnerable to attacks. Enterprise security architectures are being extended to include data security for the cloud.
Qualys has identified a buffer overflow vulnerability in the Linux GNU C Library that, if exploited, could enable an attacker to remotely take complete control of a victim's system.
A security engineer from Citrix demonstrated the Maldrone malware that he built as a backdoor to control drones.
The hotel chain has addressed a weakness in its Marriott International Android app that could have allowed attackers to access customer data, including credit card information.
The use-after-free vulnerability was being exploited in drive-by-download attacks, Adobe warned.
Sign up to our newsletters
SC Magazine Articles
- Malware on Lime Crime website, payment cards compromised
- State breakdowns: Anthem breach by the numbers
- Florida law enforcement docs show widespread stingray use, secrecy
- After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware
- Older vulnerabilities a top enabler of breaches, according to report
- Carbanak APT campaign made off with $1B from banks globally
- BMW issues security patch for bug allowing attackers physical access into vehicles
- NIST requests final comments on ICS security guide
- State breakdowns: Anthem breach by the numbers
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- Researchers investigate link between Axiom spy group, Anthem breach
- Top Android tablets for children riddled with security lapses, study finds
- Bulk Reef Supply website compromised, credit cards at risk
- Medical identity theft up 22 percent in 2014, annual report says
- Report: Majority of health-related websites leak data to third parties