Vulnerabilities News, Articles and Updates
The Internet Systems Consortium issued an advisory on Wednesday, warning that some third parties are distributing versions of ISC's BIND software that contain a high-severity vulnerability, which if exploited can trigger an assertion failure.
Mozilla pushed out two security patches for Firefox on Oct. 20 rated as potentially having a high impact on users of the popular browser.
Security researchers published details of the exploit in a research report entitled "Jump Over ASLR: Attacking the Branch Predictor to Bypass ASLR."
As Election Day approaches, researchers have detected a marked uptick in malicious cyber campaigns that seek to capitalize on the highly contentious 2016 race for president.
Oracle released its latest batch of patches on Tuesday to address 253 security vulnerabilities for 76 products.
A recent study found that security teams should stay vigilant to ensure open-source software is secure.
Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.
An Italian researcher who discovered a bug in IBM WebSphere and then worked with the company for two months on fixing the flaw had his research censored by Big Blue.
Marking the fifth anniversary of its bug bounty program, Facebook this week announced that it has paid out more than $5 million since the initiative's inception in 2011.
Blockchain.info, a popular Bitcoin wallet provider, was knocked offline for seven hours on Thursday after a domain name system (DNS) attack.
A hacker scanning for unsecured databases has compromised at least 58 million records - and possibly as many as 258 million - from Modern Business Solutions, a data management and monetization firm.
Connected car threats endanger corporate and municipal vehicle fleets; experts make policy recommendations
October 11, 2016
The National Association of Fleet Administrators (NAFA) on Monday published a new white paper containing a series of recommended policies that organizations can implement to reduce risks associated with automotive cyberthreats.
Microsoft today issued 10 bulletins covering 45 vulnerabilities, including 5 zero days for this month's Patch Tuesday update, the first using the company's new update methodology.
Without users noticing, a new attack enables malware to switch on Apple webcams.
Google this week made available patches addressing 78 vulnerabilities, including seven critical flaws, the most severe of which could enable kernel-level remote code execution, resulting in a total device takeover.
An unusual glitch is reportedly affecting Apple customers that recently purchased new iPhones private browsing flaw in iOS 10 isn't as bad as it seems.
Following its exposé accusing OurMine of web defacements, the website BuzzFeed was itself hit.
A number of vulnerabilities found in an industrial automation device could allow hackers to take control of machinery.
Yahoo called a Reuters report that it allowed secret spying of its customers' email "misleading," but the privacy implications are being debated not only by the tech and legal communities but the public as well.
The OneTouch Ping Insulin Pump system from Animas Corporation contains three vulnerabilities that could allow a remote attacker to trigger an overdose, warned Internet security firm Rapid7, in an announcement later confirmed by the device manufacturer.
Cisco Talos researchers spotted a remote code execution vulnerability in the FreeImage Library XMP Image Handling affecting version 3.17.0.
Google last week announced the impending rollout of Chrome version 53.0.2785.143, which addresses three security issues affecting the Windows, Mac and Linux operating systems.
The security firm Zerodium announced an increase in bounty prices for zero-day exploits, with the top prize now being $1.5 million for an Apple iOS 10 remote jailbreak, a $1 million increase.
Microsoft has announced it is to harden the Edge browser for enterprise users.
Nearly three-quarters of businesses have end-of-support devices operating in their networks, and the consequences could prove dire, a new study found.
Tesla has released a major firmware update in response to a video posted by a group of Chinese researchers that displayed a series of vulnerabilities in the electric car company's vehicles.
SWIFT has introduced a daily reporting system intended to help members of the financial messaging system identify fraudulent payments made over the network.
Security researcher Arun Sureshkumar earned $16,000 after disclosing a vulnerability in Facebook Business Manager that, if exploited, could have allowed attackers to take over a targeted victim's Facebook page.
Researchers claim they were able to crack into Tesla's CAN Bus to achieve remote control of the electric car, and the DoT just issued a new policy concerning automated vehicles.
Cisco issued an advisory for a flaw that the company has linked to exploits released by the Shadow Brokers group.