Security researchers have uncovered vulnerabilities affecting the firmware of Supermicro server products. Discovered by the Eclypsium team, these vulnerabilities affect both older and newer models of Supermicro products, but the vendor is working on addressing the issues.
Chinese firm Foscam has published firmware updates to address three vulnerabilities in multiple models of IP-based cameras. The flaws, when exploited, allow an attacker to take control of vulnerable cameras, especially those left connected online via a public IP address.
The US government has filed new charges against Marcus Hutchins, the security researcher known as MalwareTech who stopped the WannaCry ransomware outbreak last year.
The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought.
Cyber-criminals have managed to assemble a gigantic botnet of over 40,000 infected web servers, modems, and other IoT devices, which they used for cryptocurrency mining, and for redirecting users to malicious sites.
A security breach at one of the world's largest human resources providers, Australian company PageUp, has resulted in tens of companies that were using their services notifying employees and applicants today that their personal data might have been stolen last month.
US cyber-security firm CrowdStrike announced yesterday a new warranty program for its customers, offering to cover up to $1 million in expenses if a customer protected by its top-tier endpoint protection solution (aka fancy word for antivirus program) suffers a security breach.
The Atlanta Police Department has lost years' worth of police car dashcam videos following the March ransomware attack that affected most of the city's IT infrastructure.
Family genealogy and DNA testing site MyHeritage announced on Monday a security breach during which an attacker made off with account details for over 92 million MyHeritage users.
Security researchers have disclosed today details about a critical vulnerability impacting open source coding libraries that handle archived files.
Two months after the Drupal project released a patch for a highly critical security flaw, there are over 115,000 Drupal sites that have failed to install the fix and are now at the mercy of cyber-criminals.
Microsoft has recently published an interesting open source project called "PQCrypto-VPN" that implements post-quantum cryptography (PQC) with OpenVPN. This project is being developed by the Microsoft Research Security and Cryptography group as part of their research into post-quantum cryptography.
Botnet operators can be as clueless about security as their victims, according to Ankit Anubhav, Principal Researcher at NewSky Security, a cyber-security company specialized in IoT security.
Mobile app developers are going through the same growing pains that the webdev scene went through in the 90s and 2000s, when improper input validation led to many security incidents.
In Windows Insider Preview build 17682, Microsoft has made the Remote Server Administration Tools (RSAT) an on-demand software feature. What this means is that once you install RSAT in Windows 10, it will be automatically reinstalled when you install a future operating system update.
Apple has released security updates this week for seven products: macOS, iOS, watchOS, iTunes for Windows, tvOS, iCloud for Windows, and Safari.