Security News

Attackers have begun using rigged Microsoft Word documents propagated via spearphishing emails to spread the BlackEnergy Trojan.

Israel’s Electric Authority was hit by what officials are calling a “severe cyber attack." Conflicting reports argue the agency was hit by ransomware.

Cisco has demonstrated an attack against Stack Smashing Protection in Linux systems that is facilitated by a critical vulnerability in MiniUPnP.

Mozilla has patched a number of critical vulnerabilities in Firefox 44 and Firefox Extended Release 38.6, which were released this week.

Amazon's new Certificate Manager is providing SSL certificates for free to AWS customers but experts warn it's only a matter of time before they're exploited.

Government agencies have until Feb. 4 to audit their IT infrastructure for the use of backdoored Juniper Networks’ Netscreen firewalls.

Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Researchers believe a single group, Scarlet Mimic, is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists.

OpenSSL announced that it will release updates for 1.0.2f and 1.0.1r that patch two high-severity vulnerabilities.

FreeBSD has patched a kernel panic vulnerability is versions compiled to support IPv6 and SCTP.