First Java zero-day in two years exploited by Pawn Storm hackers
Another zero-day vulnerability is being exploited in attacks spotted in the wild: this time, the targeted software is Java.The flaw was spotted by Trend Micro researchers, who …
Identifying the five principal methods of network attacks
Companies are underestimating the risk of failing to provide security training to non-technical staff.A new Intel Security study, which surveyed IT decision makers in …
Two more Flash 0-day exploits found in Hacking Team leak, one already exploited in the wild
Exploits for two more Adobe Flash 0-days have been found in the leaked Hacking Team data. The existence of the vulnerabilities has been acknowledged by Adobe with a security …
Week in review: HackingTeam breach and consequences, and Android games unmasked as phishing tools
Here’s an overview of some of last week’s most interesting news and articles:Hacking Team hacked, 400GB+ of company documents and emails leakedHacking Team, the …
Apple to introduce two-factor authentication option in iOS 9 and OS X El Capitan
Starting with OS X 10.11 (“El Capitan”) and iOS 9, Apple will introduce a two-factor authentication option that will replace the current two-step verification …
VMware fixes host privilege escalation bug in Workstation, Player, Horizon View
VMware has issued software updates for VMware Workstation, Player, and Horizon View Client for Windows, which fix relatively serious a host privilege escalation vulnerability …
Sensitive info of over 21.5M people, including SSNs and fingerprints, stolen in OPM hack
The US Office of Personnel Management (OPM) has revealed on Thursday the full extent of the information stolen in the two data breaches it suffered in 2014.In the first …
Naked pictures or financial info? Users would rather thieves stole the former
Every day it seems information security is ruling the headlines, Americans are (perhaps understandably) feeling insecure about the security of their financial information. In …
IIS 6.0 users are heading towards new security dangers
RiskIQ has discovered that 24 of the top 30 FTSE-listed companies in the UK are running web servers that will be out of support in less than a week, posing a potential …
FBI director insists Silicon Valley can solve the encryption dilemma – if they try hard enough
On Wednesday, the US Senate Judiciary Committee got to hear from FBI director James Comey and DOJ Deputy Attorney General Sally Quillian Yates on how end-to-end encryption …
Severe OpenSSL bug that allows certificate forgery has been plugged
The wait is over: the OpenSSL Project has issued security updates for the popular open-source implementation of the SSL and TLS protocols, and has shared some details about …
Cyber attack on US power grid could result in losses up to $1 trillion
When, on Wednesday, the New York Stock Exchange halted trading, The Wall Street Journal website went down, and United Airlines grounded flights – all practically at the …