Security News

Morale Remains Low Around Health and Fitness App Security (Threatpost)
2016-01-14 20:48

According to a recent survey, 86 percent of health apps had at least two critical vulnerabilities and 55 percent of health app users expected their apps to be hacked in the next six months.

OpenSSH Patches Critical Flaw That Could Leak Private Crypto Keys (Threatpost)
2016-01-14 19:33

OpenSSH patched a critical vulnerability that could be exploited by an attacker to force a client to leak private cryptographic keys.

Cisco Patches Hardcoded Password, DoS Vulnerabilities in Software, Devices (Threatpost)
2016-01-14 16:15

Cisco patched two critical vulnerabilities that could lead to complete compromise of any device running its software, and a hardcoded password issue.

Denial-of-Service Flaw Patched in DHCP (Threatpost)
2016-01-13 15:00

The Internet Systems Consortium (ISC) on Tuesday patched a denial-of-service vulnerability in numerous versions of DHCP.

Curious Tale of a Microsoft Silverlight Zero Day (Threatpost)
2016-01-13 14:01

A Silverlight vulnerability patched yesterday by Microsoft could be tied to a Russian hacker who tried to sell a similar zero day to the Hacking Team.

Microsoft Patches Six Critical Flaws With First Update of 2016 (Threatpost)
2016-01-12 20:41

Microsoft only released nine bulletins for its first Patch Tuesday of 2016, but six of them are marked critical and seven can lead to remote code execution.

Adobe Patches Code Execution Flaws in Reader, Acrobat (Threatpost)
2016-01-12 17:24

Adobe today patched 17 remote code execution vulnerabilities in Acrobat and Reader.

New RAT Trochilus Skilled at Espionage, Evading Detection (Threatpost)
2016-01-12 17:14

Researchers have uncovered a new RAT that can evade sandbox analysis, is adept at carrying out espionage, and is being used in targeted threat operations.

Inexpensive Webcam Turned into Backdoor (Threatpost)
2016-01-12 15:39

Researchers at Vectra Networks describe an attack against an inexpensive webcam and how they were able to turn it into a network backdoor.

Questions Linger as Juniper Removes Backdoored Dual_EC RNG (Threatpost)
2016-01-11 21:48

Juniper Networks has removed the backdoored Dual_EC DRBG algorithm from its ScreenOS operating system, but new developments show Juniper deployed Dual_EC long after it was known to be backdoored.