Please turn on your JavaScript for this page to function normally.
Researchers discover critical flaws in the Chip and PIN system

A group of researchers from Cambridge University have discovered two critical flaws in the “Chip and PIN” (EMV) smart card payment system that can be misused to …

Recently patched IE 0-day abused in APT attacks

When Microsoft issued an out-of-band security update to patch the zero day Internet Explorer vulnerability on May 1, it was revealed by researchers from security company …

4chan launches bug bounty program

In the wake of the recent data breach that spelled the end of art products Canvas and DrawQuest, 4chan founder and owner Chris “moot” Poole has announced that they …

Dropbox fixes link-sharing data-leaking flaw

Popular file hosting service Dropbox has announced that it has patched a vulnerability that would make privately shared links accessible to those for whom they weren’t …

Windows flaw allows access to data after accounts are revoked

A disabled account in Windows’ network does not take effect immediately, according to Aorato. In fact, due to design considerations disabled accounts – and the …

Researchers debunk severity of OAuth “Covert Redirect” bug

Late last week, a Ph.D. student at the Nanyang Technological University in Singapore made the information security world pause for a moment by claiming that he had found a …

A hybrid approach to web app security assessment

High-Tech Bridge is introducing its hybrid web application security assessment SaaS, ImmuniWeb for the first time ever to visitors at Infosecurity Europe 2014. The service, …

Defacement mitigator for cybersecurity protection

At Infosecurity Europe 2014, Foresight released Defacement Mitigator, the first cloud-based web security solution that provides full defacement mitigation and protection to …

XSS bug in popular Chinese site exploited to launch DDoS attack

DDoS mitigation firm Incapsula has put a stop to the speculations that the video content provider whose vulnerable website was misused to launch a DDoS attack was YouTube, and …

Mozilla offers $10,000 for bugs in its new cert verification library

In the wake of the recent discoveries of the Heartbleed OpenSSL bug and the SSL “gotofail” bug, Mozilla has announced a new and topical bug bounty program: it …

FBI informant Sabu directed hacking of foreign govt sites

Hector Xavier Monsegur (aka “Sabu”), the infamous hacker and leader of the Lulzsec hacktivist group, has directed his associates to attack and compromise the …

NetSupport vulnerabilty allows information leakage

NetSupport is an application that allows corporations to remotely manage and connect to PCs and servers from a central location, to provide desktop support. I wrote a script …

Don't miss

Cybersecurity news