Security News

500 sites that use the free analytics service PageFair may have been compromised over the weekend.

A vulnerability in a network that processes genomic data could pave the way to some global genomic databases being hacked.

Researchers have developed a bypass for Microsoft's EMET exploit mitigations by targeting a design limitation of the WoW64 subsystem that provides backwards compatibility for 32-bit applications...

Google released its monthly over-the-air Android security update to Nexus devices, patching another handful of vulnerabilities related to Stagefright.

A malicious data-stealing Android app that impersonates a Microsoft Word document has already infected several hundred users, primarily in China.

Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.

Xen patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system.

Web hosting service 000webhost told customers that 13.5 customer usernames, plaintext passwords, email addresses, IP addresses, and names were exposed in a breach.

Rockwell Automation has patched a handful of vulnerabilities in its Allen-Bradley MicroLogix programmable logic controllers

A researcher challenges a conclusion in a recent academic paper on weak Diffie-Hellman implementations that claims 66 percent of IPsec VPN connections are at risk.