Security News

Find flaw, report flaw, fix flaw, get paid. Bish, bash, bosh Facebook has patched a remote-code execution flaw discovered in one of its servers.…

Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run...

The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers. What is MQTT? The Message Queuing Telemetry...

Well, there's something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The...

Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.

A publicly accessible Amazon S3 bucket was found storing documents apparently detailing GoDaddy infrastructure running in the Amazon AWS cloud, UpGuard reveals. read more

Remote management a double-edged sword, IT admins warned at hacking conference Black Hat Data centers are vital in this cloudy world – yet little-understood management chips potentially give...

Logins misdirected to wrong boxes by Jira toolkit Exclusive Atlassian has warned users of its Jira Service Desk toolkit to change their helpdesk email account passwords – after a glitch caused the...

The United States was the top region by number of distributed denial of service (DDoS) botnet command and control (C&C) servers in Q2 2018, Kaspersky Lab reports.

The Trend Micro-backed Zero Day Initiative is asking bug hunters to look for zero-day RCE vulnerabilities in several open source server-side products and is ready to pay up to $200,000 for some of...