LinkedIn has invited a security researcher to join its private bug bounty programme after he identified a novel exploit involving the site's cascading style sheets (CSS).
Researchers at Malwarebytes spotted a video malvertising campaign that highlights the ad industry's lack of security.
Already a scourge on personal computers, as well as personal websites, ransomware is now going after Linux web servers.
Dell computers can be tinkered with to expose the number employees use to identify customers.
Dell reported that it has been shipping Inspiron 14 laptops since August that inadvertently contained the security certificate, eDellRoot, that essentially gives hackers complete access to the system.
In what a researcher in India called "a very quick turnaround," LinkedIn implemented a fix for a persistent cross-site scripting (XSS) vulnerability he discovered.
In an environment in which cyber professionals are overwhelmed by rapidly changing security threats, industry pros generally agree that a remediation plan must involve difficult decisions about the security issues for which companies are willing to accept the risk rather than take action.
Further security and privacy risks to users of Siri, Apple's personal assistant, have been revealed that could allow anyone to gain entry to personal data on someone else's iOS device.
A new variant of the notorious banking trojan Dyreza has been detected by researchers at Heimdal Security.
Adobe released security updates that address three security issues affecting its ColdFusion, LiveCycle DS, and Premiere Clip 9 products.
Researchers at Malwarebytes spotted a malvertising campaign performing drive-by downloads on unsuspecting victims.
When it comes to what security professionals need to do to protect their organizations, not much has changed in a couple of decades, though perimeters have all but dissolved and the timeframe for taking action has become more compressed, according to members of a Tuesday panel at SC Congress in Chicago.
Researchers found a bug that could have potentially exposed the personal data of every customer.
It's not the chip cards themselves but the slow adoption of the platform in the U.S. that is leaving consumers vulnerable to credit card fraud, an FBI representative said recently.
Researchers at Tencent's Xuanwu Lab demonstrated attacks using barcodes that could deliver commands to systems that read them.
Some hackers are implementing a combination of old-school tactics tied to cutting-edge automation to spread their mayhem, according to a new report by Imperva.
There is no air gap between IT and OT: that was the key message for oil and gas sector CISOs coming out of the Black Hat Amsterdam talk by Alexander Polyakov and Mathieu Geli.
Google will no longer offer Chrome support for Windows XP, Vista and several older versions of Mac OS X, the company announced, along with releasing several Chrome and Chrome OS updates.
Malwarebytes spotted malvertising on the Barclays Premier League official fantasy site that redirected users to Nuclear Exploit Kits that exploited Flash vulnerabilities.
A security update patches a critical flaw in the management console for Symantec Endpoint Protection Manager.
Adobe has released security updates that address 17 critical vulnerabilities in Flash Player that could let attackers seize control of affected systems.
Microsoft's November Patch Tuesday security bulletin lists 12 notifications, four of which are critical updates being issued for Internet Explorer, Edge and two other applications; all repair a vulnerability that would allow remote code execution.
After reporting last week that it had issued banned certificates that could facilitate man-in-the-middle (MitM) attacks, Comodo has fixed the "subtle bug" that, the company's Senior Research and Development Scientist Rob Stradling wrote, prompted the problem.
Despite an ever-growing stream of information demonstrating the difficulties enterprise companies face securing mobile applications, consumers maintain trust in the security of their mobile applications, according to a new survey.
Microsoft is set to bring the date after which its Windows browsers will no longer accept SHA-1 to the middle of next year after new research has shown the cryptographic hash function to be even more vulnerable than previously thought.
Onapsis Research Labs uncovered 21 vulnerabilities - eight of them critical - that affect SAP HANA-based applications.
A just-released report surveying endpoint security across the federal government highlighted some dire lapses.
While most consumers say they don't believe their Internet of Things (IoT) devices are secure, Kaspersky Lab researchers set out to accurately assess the vulnerabilities in common items.
Researchers have identified a new strain of malicious adware that is impossible for affected Android device owners to uninstall.
More than 2,000 iOS apps stocked in Apple's legitimate App Store reportedly contained backdoored versions of an ad library, which could have allowed for surveillance without users' knowledge.
SC Magazine Articles
- Anonymous hacks, 'Rickrolls' ISIS
- IBM, Oracle, Cisco certification manager breached, info accessed
- Hilton Worldwide confirms malware on POS targeted payment card info
- Algebraic Eraser, the algorithm running the 'Internet of Things' is broken...again
- Sony hackers remained hidden for months due to a new toolset: Damballa