The First Stop For Security News
Aktualizace: 3 min 36 sek zpět
Researchers unveiled the first-ever practical collision attack the cryptographic hash function SHA-1.
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.
Microsoft's delayed release of its February security bulletins leaves users exposed to a pair of already publicly disclosed vulnerabilities.
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.
New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user.
The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.
After a nearly four-year respite, the data-stealing TeamSpy malware has resurfaced in a spam campaign.
US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.
Google Project Zero researchers are warning of an unpatched Microsoft vulnerability in the Windows' GDI library that allows attackers to steal sensitive data from program memory.
Mat Gangwer, CTO, and Tom Gorup, Security Operations Lead, at Rook Security talk to Mike Mimoso about the aggressive rise in online extortion and how it threatens not only data but physical safety.
A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.
According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, doomsday fears of a cyberattack against the U.S. electric grid are overblown.
SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference
Researchers demonstrate how malicious apps can break into secure Android work containers on EMM managed phones.
Cris Thomas of Tenable Networks, aka Space Rogue of the L0pht, talks to Mike Mimoso during RSA Conference about the rhetoric and hype surrounding cyberwar, as well as a quick trip down memory lane with the L0pht and its famous 1998 testimony before Congress.
A RSA Conference panel tackles the difficulty in defining cyberwar.
Researchers from Dell SecureWorks infiltrated a Nigerian business email spoofing and business email compromise operation, shutting down a number of money mule accounts in the process.
Google's Android security director touts 2016 mobile OS security accomplishments from encryption, improved APIs and new developer testing tools at the RSA Conference.
Google secures its perimeter with explicit trust in what it knows about users and the devices connecting to its corporate services.