Security News

French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.

There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. Cloud Station is...

Dennis Fisher and Mike Mimoso talk about the Logjam attack, the proposed Wassenaar export rules on exploits, and the letter to the president decrying crypto back doors.

Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product.

For many years, eBay has been one of the bigger targets for phishers and many other kinds of attackers and they have been honing their tactics and improving them along the way. Much of their...

Researchers from Cambridge University uncovered weaknesses in the Android Factory Reset feature that puts improperly sanitized data at risk.

Researchers at Purdue University have developed a scheme that protects stolen passwords from offline cracking.

The internet-cable-television provider Charter Communications recently fixed an issue with its website that was inadvertently leaking the information of tens of thousands of its customers.

Experts point out that the proposed Wassenaar rules in the U.S. leave unanswered questions regarding exploit development and the use of commercial penetration testing tools.

CareFirst BlueCross BlueShield announced this week that hackers broke into one of its databases and made off with a variety of sensitive customer information.