Security News

Joomla Update Patches Critical SQL Injection Vulnerability (Threatpost)
2015-10-23 12:56

Joomla released a new version of its CMS Thursday, 3.4.5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running...

Novel NTP Attacks Roll Back Time (Threatpost)
2015-10-22 18:21

Researchers at Boston University have published new attacks against the Network Time Protocol (NTP) that jeopardize the security of numerous online activities.

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes (Threatpost)
2015-10-22 13:06

Researchers at Security Explorations say a change implemented by Google to the Java security model as it's implemented in the Google App Engine leads to sandbox escapes.

Apple Patches Include iOS 9.1 Update, Pangu Jailbreak Fix (Threatpost)
2015-10-21 21:27

Apple on Thursday fixed scores of vulnerabilities in OS X, iOS, Safari, iTunes, and even the company’s smart watch operating system, watchOS. Chief among the fixes was a patch for two issues the...

Google Moving Gmail to Strict DMARC Implementation (Threatpost)
2015-10-21 18:09

Google said it will move gmail.com to a policy of rejecting any messages that don’t pass the authentication checks spelled out in the DMARC specification.

Oracle Quarterly Security Update Patches 154 Vulnerabilities (Threatpost)
2015-10-21 11:29

Oracle patched 154 vulnerabilities in 54 different products as part of its regularly scheduled Critical Patch Update Tuesday.

Microsoft Opens .NET Core, ASP.NET Bug Bounties (Threatpost)
2015-10-20 19:36

Microsoft opened a bounty for the .NET Core and ASP.NET Beta, paying out up to $15,000 for eligible vulnerabilities.

Let’s Encrypt Hits Another Free HTTPS Milestone (Threatpost)
2015-10-20 19:30

Let's Encrypt hit a milestone last night when it received the cross-signatures necessary to render its beta (and free) certificates trusted by all browsers.

Juan Andres Guerrero-Saade on the Dangers of APT Security Research (Threatpost)
2015-10-20 18:17

Juan Andres Guerrero-Saade from Kaspersky Lab’s Global Research & Analysis Team (GReAT) joins Ryan Naraine on the podcast to discuss the “identity crisis” in the anti-malware industry and the...

Academics Find Critical Flaws in Self-Encrypting Hardware Drives (Threatpost)
2015-10-20 18:04

Some consumer-grade, self-encrypting external hard drives from Western Digital are littered with security vulnerabilities that render their encryption an afterthought.