A prodigious 18-year-old bug hunter from Chicago has discovered and reported a critical vulnerability in a LinkedIn social button that could have been abused to harvest LinkedIn user information, some of which may not have been public.
A team of academics has identified an issue with the Zeroicoin protocol scheme, along with two security flaws in libzerocoin, the software library used for building actual cryptocurrencies around protocol.
Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory —a mandatory component used during the boot-up process [1, 2, 3].
Hackers can easily spoof and hijack communications targeting sirens part of emergency alert systems to trigger false alerts and cause panic among a local population.
Intel has decided that instead of fixing three security bugs affecting the Intel Remote Keyboard Android app, it would be easier to discontinue the application altogether.
A bill was passed yesterday by the state of Georgia that causes any unauthorized access to a computer to be considered "Unauthorized Computer Access" & "shall be punished for a misdemeanor of a high and aggravated nature". This bill amends the Georgia code, which originally only considered unauthorized access with malicious intent.
Cisco removed today a backdoor account from its IOS XE operating system that would have allowed a remote attacker to log into Cisco routers and switches with a high-privileged account.
The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL.
Firmware updates are available for a wide range of security flaws that are bound to cause a lot of problems on the IoT landscape.
The March 2018 Patch Tuesday contains a fix for a severe vulnerability affecting the CredSSP protocol; a vulnerability that affects all Windows versions ever released.
Chinese intelligence agencies are doctoring the Chinese National Vulnerabilities Database (CNNVD) to hide security flaws that government hackers might have an interest in, according to a report released on Friday by US threat intelligence firm Recorded Future.
Malware authors can exploit a flaw in the Windows Code Integrity Guard (CIG) security mechanism to inject malicious, unsigned code into CIG-protected applications, considered to be immune to such attacks.
A critical vulnerability affects hundreds of thousands of email servers. A fix has been released but this flaw affects more than half of the Internet's email servers, and patching the issue will take weeks if not months.
Security researchers from Duo Labs and the US Computer Emergency Response Team (US-CERT) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim's password.
A Google security engineer says Microsoft has failed to properly patch a security flaw affecting Windows 10 and Windows Server 2016 distributions.
Vulnerabilities in the Mi-Cam smart baby monitor allow hackers to hijack video feeds from all devices, located anywhere in the world.
A Google security researcher has found multiple security flaws affecting the uTorrent web and desktop client that allow an attacker to infect a victim with malware or collect data on the users' past downloads.
A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals.