Security News

Researchers at Endgame shared how two exploit mitigations could go a long way toward wiping out a nasty class of vulnerabilities.

Microsoft addressed an issue in its hypervisor, Hyper-V, this week, that could lead to a denial of service condition.

Microsoft pushed out 12 bulletins as part of November's Patch Tuesday, including four critical updates, all of which can lead to remote code execution.

Adobe patched 17 critical remote code execution vulnerabilities in Flash Player.

Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts.

A security firm is warning this week that 88 percent of networks are at risk of being compromised via credential theft and reuse.

Certificate authority Comodo admits it incorrectly issued eight certificates that include forbidden internal server names or reserved IP addresses.

Encrypted email service ProtonMail is back online Monday following a crippling six-day DDoS attack.

Nearly two dozen critical SAP HANA vulnerabilities have been patched, including a critical misconfiguration of the TrexNet administrative interface.

Microsoft said this week it's considering moving up its deadline for blocking SHA-1 signed certificates to June 2016.