On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector
Employees are an organization's greatest asset and greatest risk. With a single click an employee can devastate a business by transferring or damaging huge amounts of data.
An audit of the Joint Polar Satellite System ground system revealed thousands of vulnerabilities, most of which will be addressed in two years when the next version of the system is released.
The number of disclosed vulnerabilities is on track to fall below 8,000 this year, a first since 2011.
The routers are sold in China under the Netcore brand name, and elsewhere as Netis products.
Anonymous confessions posted on a popular app, called "Secret," were susceptible to being exposed via a hack.
The firm analyzed 1,000 free apps in Google Play which were most downloaded by users.
In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.
Sources close to the breach investigation tipped off TrustedSec CEO David Kennedy.
The vulnerability comes into play when Instagram users search for Facebook friends to "follow."
HTTP Shaming was created by a security consultant to call out apps and web services that put user information at risk.
Despite a patch issued four years ago, a vulnerability in XP, Vista, WIndows 7 and Windows Server 2001/2008 is still a threat.
Apple has released version 6.1.6 and 7.0.6 of its Safari browser following patched vulnerabilities recently discovered by its researchers.
In a multi-challenge contest security researchers uncovered vulnerabilities and hacked into routers at the DefCon conference in Las Vegas.
On Tuesday, Adobe released fixes for seven critical bugs in its Flash Player plug-in.
The tech giant's monthly security update includes two critical patches for IE and Windows.
At DefCon 22 in Las Vegas, Nir Valtman discussed how far bug bounty programs have come in nearly 20 years.
In a session at DefCon 22, speakers explained that it is not possible to hack a plane and take control of the aircraft, but creating some mischief is still possible.
Cesar Cerrudo spoke at DefCon about how traffic control systems used in the U.S. and other countries can be hacked.
A wide host of devices rely on USB to make them usable but USB contains vulnerabilities that attackers can exploit.
Two critical fixes from the tech giant will plug RCE bugs impacting Windows and IE users.
At Black Hat 2014, Ertunga Arsal demonstrated how he can gain admin access to SAP systems, steal payment card data and reroute payments.
Two hackers demonstrated how device vulnerabilities could allow attackers to access sensitive card data using multiple attack vectors.
Vulnerabilities in EnergyWise could let attackers cause huge blackouts if abused.
A researcher has discovered vulnerabilities in WordPress and Drupal that enable XML denial-of-service attacks.
In this video, F-Secure's Timo Hirvonen chats with Adam Greenberg, reporter at SC Magazine, about the project, as well as the threats aimed at Flash and Java vulnerabilities.
In this video shot at Black Hat 2014 in Las Vegas, Jeff Forristal of Bluebox Security sits with Danielle Walker, reporter at SC Magazine, to discuss the Fake ID Android vulnerability.
Bugs in trace detection scanners, x-ray machines and time and attendance clocks could make them vulnerable to attack, according to experts at this year's Black Hat conference.
A pair of researchers from Accuvant at the 2014 Black Hat conference showed how the OMA-DM protocol can be leveraged to gain access to mobile devices.
An Australian researcher has discovered and posted a method for getting past PayPal's two-factor authentication, but it requires primary credentials.