Security News

A buffer overflow found in the Mirai botnet could eliminate its ability to carry out HTTP flood attacks. But exploiting that vulnerability puts defenders in a gray area with regard to hacking back.

Apple addressed vulnerabilities in iTunes and iCloud for Windows, and Xcode Server on Thursday.

Mike Mimoso and Chris Brook recap the news of the week, including the storylines around last week's Dyn DDoS attack, Keen Team winning big again at Pwn2Own, and a fake Windows installer.

Cisco warns of 16 flaws in its latest security bulletin, mostly impacting its Cisco AsyncOS software used in its Email Security Appliances.

Microsoft announced it has extended a feature in Office 2016 that protects against malicious macros to Office 2013.

Analysis by DNS provider Dyn hints that more than 1 terabyte per second of traffic may have been used in last week's massive DDoS attack that impacted Internet service on the East Coast.

Hackers with Keen Team identified vulnerabilities in iOS 10.1 and Android Nougat at Mobile Pwn2Own this week.

Attackers can leverage a design weakness in all versions of Windows to carry out code injection attacks that bypass detection by security software.

Joomla fixed two critical issues in the content management system and is strongly encouraging users to update their sites immediately.

Three vulnerabilities, all which can lead to remote code execution, exist in the LibTIFF library.