Cisco has issued a critical advisory on a number of security updates to address vulnerabilities in more than 300 of its switch models, some of which were detailed in Vault7, a recent dump from WikiLeaks.
Kaspersky Labs has disclosed a vulnerability in libpurple that, if exploited, could allow remote code execution.
Looking at the State of Website Security in 2016, researchers at Google have detected a sharp rise in the number of hacked sites.
A flaw in a mobile app is leading to some unappetizing offerings for McDonald's customers in India.
Although Adobe has not observed exploitation of the vulnerabilities in the wild, the Flash Player update is considered priority one.
Cisco released patches to address vulnerabilities impacting several of its products.
The Association of British Travel Agents has suffered a data breach affecting approximately 43,000 individuals after an unauthorized intruder exploited a vulnerability in a third-party web server, the trade organization acknowledged.
Starting last Thursday (9 March 2017), AlienVault has seen a high number of attackers trying to exploit this vulnerability and recommends patching as soon as possible.
A group of researchers from the University of Michigan and the University of South Carolina were able to develop a series of attacks that manipulate devices using sound.
A researcher has already found an old vulnerability in the Nintendo Switch which could allow remote attackers to execute arbitrary code.
The information released has yet to be verified but revealed multiple zero days that Apple and Google said are being fixed.
One premise of a RAND study into zero-day vulnerabilities is that they are useful in cyber operations - whether by criminals, militaries or governments.
A new vulnerability allowing remote code execution has been spotted in Apache's Struts open-source project and is active in the wild.
The Flash Seats Mobile App for iOS, a sports and entertainment ticket management app, is vulnerable to man-in-the-middle attacks due to improper validation of SSL certificates provided by HTTPS connections.
Sixty-one percent of organizations polled in a survey from CyberEdge Group responded that they'd been hit by a ransomware demand; a third of those paid the ransom.
Six bugs in WordPress were patched that could have opened the platform to exploitation by bad actors.
"A troublesome situation" has arisen for users of vBulletin.
The British Retail Consortium releases practical guidance for British retail businesses to ensure they have the appropriate preventative and response measures in place to reduce their vulnerabilities and to protect both themselves and their customers.
The Microsoft Online Services Bug Bounty program has doubled the maximum payment for vulnerabilities found on the company's Microsoft Office 365 Portal and Microsoft Exchange Online.
HackerOne will provide its HackerOne Pro platform as a free service to foster open source projects for vulnerability submission and coordination and bug bounties.
Security research firm ACROS Security has issued a third-party patch for a Microsoft vulnerability that Google disclosed last month after Microsoft failed to issue a patch within Google's imposed 90-day deadline.
Questions continue to swirl around a mysterious Mac-based remote-access trojan (RAT) malware program called Proton, which Apple addressed in a recent update to its anti-malware program XProtect.
Researchers at Talos released findings of their investigation into a curious piece of malware that went to great lengths to disguise its origins.
Users of Apple's macOS system will soon begin to see more warnings as they browse or attempt to download files.
Cisco Talos issued a warning that attackers are using a publicly available tool to scan customer systems searching for Cisco Smart Install clients to leverage a known flaw to remove files or enable remote code execution.
The Cisco Talos research team has spotted multiple remote code execution vulnerabilities in the Iceni Argus PDF content extraction product.
Two flaws have been detected in Siemens RUGGEDCOM NMS line of network management tools that could open the equipment up to remote exploitation.
Cloud security vendor fixes cross-site-scripting bug, downplays the threat, says it would only affect co-workers.