Security News

The San Francisco Municipal Transport Agency says it has contained a ransomware attack, but now it faces new unsubstantiated claims by attackers who say they have 30GB of the agency’s data.

Vulnerabilities in UberCENTRAL, a portal used by businesses to facilitate rides, could have leaked the names, phone numbers, email addresses, and unique IDs.

Banks in Asia and Africa have been targeted with exploits for a zero-day vulnerability in InPage publishing software popular in Arabic-speaking nations.

Microsoft confirmed Feb. 14, 2017 is the cutoff date for SHA-1 support in its Microsoft Edge and Internet Explorer 11 browsers.

NTP 4.2.8p9 includes a patch for a vulnerability that could crash ntpd with a single malformed packet.

Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to XSS cross-site scripting, SQL injection and file manipulation flaws.

In the wake of the Pentagon and Army bug bounties, the government continues to engage researchers with the publication of the DoD’s vulnerability disclosure program.

Attackers could exploit over-the-air updates in three million Android devices to remotely execute commands with root privileges via a man-in-the-middle (MiTM) attack.

An email scam tricked Yandex email recipients into thinking phishing emails were certified legit and from the Microsoft.com domain.

A firmware update is available for Siemens-branded IP-based CCTV cameras that patches a vulnerability that puts admin credentials at risk.