Security News

Siemens line RUGGEDCOM NMS products suffers from vulnerabilities that could allow an attacker to perform administrative actions.

Dridex has undergone a massive update and now sports a new injection method for evading detection based on the technique known as AtomBombing.

Researchers claim the unpatched SMB zero day that affects Windows can be exploited a number of ways.

Voice messages from children sent through an internet-connected toy called CloudPets were stolen from an exposed MongoDB database, which has been wiped clean and the data held for ransom.

The ramifications of the recent SHA-1 collision attack have extended to Git and the Apache Subversion repository, both of which rely on the outdated and vulnerable hashing algorithm.

A Boeing employee inadvertently leaked the personal information of 36,000 of his co-workers late last year when he emailed a company spreadsheet to his non-Boeing spouse.

Google’s security researchers disclosed details of an unpatched Microsoft vulnerability in its Edge and Internet Explorer browsers.

Katie Moussouris on how bug bounty programs have gone mainstream, the success of Hack the Pentagon and Hack the Army, and where things stand with the Wassenaar Arrangement.

Google’s E2EMail Chrome extension brings OpenPGP encryption to Gmail users.

Researchers say Necurs malware has been updated with a module that adds SOCKS/HTTP proxy and DDOS capabilities to this malware.