A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user’s emails and attach malicious code to their outgoing messages.
Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.
Google said Wednesday it forgot to mention that it included a microphone in its Nest Secure home alarm system, the latest privacy flub by one of the tech industry’s leading collectors of personal information.
Cisco this week released patches for more than a dozen vulnerabilities across its product portfolio, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance.
Adobe on Thursday released a second fix for the Reader vulnerability tracked as CVE 2019-7089 after the researcher who discovered the flaw managed to bypass the first patch.
The security hole, identified by Alex Inführ from Cure53, allows a specially crafted PDF document to send SMB requests to the attacker’s server when the file is opened.
Microsoft informed users on Wednesday that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks that rely on malicious HTTP/2 requests.
Latest Developments in Mueller and Russian Electoral Meddling
WinRAR, the popular data compression tool utilized by over 500 million users worldwide, is affected by a serious vulnerability that can allow arbitrary code execution through specially crafted ACE archives.
Security updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution.
A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports.
Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to make the devices automatically dispense all cash from their most valuable cassettes.
Companies are increasingly moving sensitive data to the cloud, but cybersecurity, including the human factor and technology, is still a problem for many, according to a new report published on Wednesday by Oracle and KPMG.
The cat-and-mouse game between BitDefender and the GandCrab ransomware developers continues. On Tuesday (Feb. 19) BitDefender released a new version of its GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5 up to the latest version 5.1. The decryptor is available from BitDefender and from the NoMoreRansom project.
Online shoppers are at a growing risk from a scam which allows hackers to skim their payment details, cyber security firm Symantec warned on Wednesday.
Britain can handle the security risks involved with using mobile networks made by China's Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants.
Kaspersky Lab this week announced Kaspersky CyberTrace, a free threat intelligence fusion and analysis tool to make it easier for security teams to access threat intelligence.
Armorblox emerged from stealth mode on Wednesday with a platform that uses natural language understanding (NLU) to detect cyber threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round.
Microsoft says it has observed a group widely associated with the Russian government launching numerous cyberattacks on democratic institutions in Europe between September and December 2018.
2018 saw the convergence of three separate threat trends -- two that have evolved over the last few years, and one that came to the fore during 2018. These are the merging of IoT botnets, destructive malware and cryptojacking.
We have 31 guests online
You know we do!
TOP TEN SERVICE PROVIDER