It didn't take long for exploit kit authors to incorporate an exploit for the recently discovered zero-day Adobe Flash vulnerability (CVE-2015-3113) into their malicious wares.
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content Security Management Virtual Appliance (SMAv) software.
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP Patrick Barker.
A researcher shared his discovery of fifteen flaws of varying severity in a number of font engines used by Microsoft's Windows, Adobe's Reader software, popular modern browsers, and so on.
A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled gem servers.
Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.
A security researcher that goes by the name Chloe recently tested around 1,400 Tor exit nodes by setting up a Bitcoin-themed phishing site.
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries.
Dyre's primary goal is to harvest victims' online credentials, and it's capable of doing this by mounting Man-in-the-Browser attacks against the three most commonly used Windows browsers: Internet Explorer, Firefox, and Chrome.
Cybercriminals have, in the last nine months, increasingly returned to cost-effective macros to reach more targets and see a greater return on their financial investment.