Nearly all websites have serious security vulnerabilities
A new Acunetix report on 5,500 companies comprising 15,000 website and network scans, performed on over 1.9 million files, finds nearly half of the web applications scanned …
Hacking Team used fake app hosted on Google Play to install its spyware on Android devices
“The massive Hacking Team data leak includes the source code of a fake Android news app and instructions on how to use it, Trend Micro researchers have found. The app, …
Is this the death knell for the RC4 encryption algorithm?
It has been known for quite some time that the RC4 cryptographic cypher – used in popular Internet protocols such as TLS and HTTPS – is vulnerable to attack, but …
Why enterprise security priorities don’t address the most serious threats
In 2015, enterprises will spend more than $71.1 billion on information security – more than they have ever spent before, according to Gartner Group figures. Yet, the incidence …
Global action takes down Darkode cybercriminal forum
This week, law enforcement and judicial authorities worldwide have taken down the most prolific English-speaking cybercriminal forum to date: Darkode.In an international …
SanDisk unveils new wireless flash drive
SanDisk unveiled a new wireless mobile flash drive, the SanDisk Connect Wireless Stick, which enables sharing, transferring and accessing data between mobile devices and …
Researchers prove HTML5 can be used to hide malware
“A group of Italian researchers have come up with new obfuscation techniques that can be used to dupe malware detection systems and allow malicious actors to execute …
New GamaPoS malware targets US companies
“After dedicating their efforts to swelling the number of computers roped into their malicious net, the masters of the Andromeda botnet are putting it to use by …
Epic Games forums hacked, user data stolen
The forums of popular game development company Epic Games have been hacked, and the users’ username, email address, password and date of birth have likely been …
Coalition for Responsible Cybersecurity fights proposed export control regulations
A broad cross-section of industry announced the formation of the Coalition for Responsible Cybersecurity. The purpose of the Coalition is to prevent the Commerce Department …
Hacking Team spyware survives on target systems with help of UEFI BIOS rootkit
How did Hacking Team make sure that its Remote Control System (RCS) spyware will remain on targets’ computers even if they reinstall their OS, format their hard drives …
Oracle fixes Java zero-day exploited by Pawn Storm hackers
With its quarterly Critical Patch Update, Oracle has released security fixes for 193 vulnerabilities across all of its products (a good summary can be found here), including …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)