Security News

DLL hijacking is not a new attack vector. It's been around for 20 years or more. It's not easy, but it's very effective. Once achieved it provides stealth and persistence -- precisely those...

GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks.

Siemens fixed a session hijacking vulnerability in its LOGO! logic module Wednesday but says a second issue, one that could help facilitate a man-in-the-middle attack, has no fix currently.

Mughthesec, a variant of the OperatorMac adware, has been turning hijacked Macs into revenue-generating machines for the authors.

Chris Vickery, director of cyber risk research at UpGuard, has discovered more sensitive information exposed on an unprotected “bucket” on an Amazon AWS server. This time it includes – among other...

Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions.

74% of ransomware, 57% of adware, and 14% of banker malware abuse a specific app permission to target nearly 40 percent of all Android users – by overlaying screens, displaying fraudulent ads and...

Researchers spotted a strain of cookie stealing malware, injected into a legitimate JavaScript file, masquerading as a WordPress core domain.