Vulnerabilities News, Articles and Updates
SWIFT has introduced a daily reporting system intended to help members of the financial messaging system identify fraudulent payments made over the network.
Security researcher Arun Sureshkumar earned $16,000 after disclosing a vulnerability in Facebook Business Manager that, if exploited, could have allowed attackers to take over a targeted victim's Facebook page.
Researchers claim they were able to crack into Tesla's CAN Bus to achieve remote control of the electric car and the DoT just issued a new policy concerning automated vehicles.
Cisco issued an advisory for a flaw that the company has linked to exploits released by the Shadow Brokers group.
A Cambridge University researcher recently published a paper demonstrating how the FBI could have easily unlocked the San Bernardino shooter's iPhone.
"Multiple security issues" were patched for a number of VMware products.
Data theft knows no boundaries. Personal information has been siphoned out from databases connected to both presidential campaigns.
Google Chrome released a stable channel update for its desktop applications for Windows, Mac and Linux.
Vectra Networks is claiming that attackers are turning their attention to data centres. Are our data centres as secure as we think they are?
Information security researcher Dawid Golunski spotted several critical vulnerabilities in MySQL.
The new rules are designed to enhance and clarify existing requirements relating to cybersecurity testing and system safeguards risk analysis.
The Department of Defense does not have the necessary visibility into the cyber capabilities of the National Guard, according to a report by the GAO.
Adult content site Pornhub announced Tuesday that it will switch from using Flash-based content and instead opt for HTML5.
100 million user passwords from a 2012 breach at Russian internet giant Rambler were leaked online.
A medical centre in the UAE has been modestly breached by a hacker who claims to want to teach them a lesson in security.
Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.
Google has released patches for 57 security vulnerabilities affecting Android devices. Eight of the flaws were issued a "critical" rating.
Yelp will offer up to $15,000 to researchers who discover the "most impactful" vulnerabilities.
The massive breach at the U.S. Office of Personnel Management (OPM) might have been prevented had the agency followed basic cybersecurity guidelines, a congressional investigation claimed.
Last week, Apple issued security updates to patch a serious flaw affecting iPhone and iPad users. Yesterday it addressed a similar flaw on its desktops.
On the same day that Cisco issued 12 advisories addressing vulnerabilities in its product line -all but one resolved via updates - Google yesterday announced the stable release of Chrome 53, which contains 33 of its own security fixes.
Researcher Lukasz Olejnik claims Ambient Light Sensors in personal devices could be used to track users and even measure the size of their homes.
Google is refusing to patch an alleged faulty Login Page after an independent researcher claimed to have spotted a bug.
A family of malware targeting Internet of Things (IoT) devices to create distributed denial of service (DDoS) botnets has been detected.
Adobe today has released security hotfixes for a critical information disclosure vulnerability that exists in ColdFusion versions 10 and 11, across all platforms.
An independent researcher found a way to theoretically take over random Facebook accounts by forcing millions of user password resets and then brute-forcing each reset request to check for a specific six-digit authorization code.
Seven D-Link network attached storage (NAS) devices are vulnerable to an XSS defect that can be exploited without the user downloading malware or clicking on a malicious link, a researcher found.
A series of flaws affecting the consumer security suite Kaspersky Internet Security was patched by Kaspersky Lab.
Accellion Kiteworks appliance versions prior to kw2016.03.00 contain multiple vulnerabilities which can allow an attacker to conduct cross-site scripting attacks or to view limited sets of files.
A NSO Group spokesman claims Pegasus malware was only sold to governments under signed agreements to be used in a lawful manner.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Education sector bullied by ransomware and can barely defend itself, report
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- DetoxCrypto ransomware imitates Malwarebytes software
- House Committee urges Obama not to pardon Snowden
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace