This week's In Case You Missed It (ICYMI) column takes a look at Google's Project Zero, accusations of double-standards at the ICO and the need to share intelligence on critical infrastructure.
The wide spectrum of discovered vulnerabilities makes a single solution unlikely - UC Berkeley report
UK-based travel booking website Hotel Hippo appears to have closed just one week after an independent security consultant found that the firm had weak security and privacy controls.
Two-and-a-half months on from the discovery of the Heartbleed bug affecting OpenSSL security, and one security researcher claims that the flaw still affects 300,000 servers.
David Sandin looks at the implications of using open-source code libraries in vendors' security solutions, and the assumptions that lie behind the Heartbleed bug.
A researcher at the Electronic Frontier Foundation (EFF) says that blogs hosted on WordPress can be hacked when connected to public Wi-Fi, even if two-factor authentication is employed.
The speed of reaction to Heartbleed was not matched by the quality of response, says Russ Spitler, who calls for more and better education to effectively share knowledge that benefits us all.
Half of all servers affected by the global Heartbleed flaw remain unpatched - and it could be months before vulnerable systems are fixed, if ever.
Confidential records saved with cloud storage providers Dropbox and Box have been exposed, prompting one industry peer to say that it 'beggars belief' that companies still rely on free file-sharing applications.
The adversary has enormous capabilities in the cyber world, but it too is not without its vulnerabilities, and these must be exploited, says Calum MacLeod.
Critical infrastructure operators are now being alerted to the far reaching impact of a critical OpenSSL flaw, dubbed the "Heartbleed Bug."
A new class of security vulnerability that is "highly suspected" to affect all of the almost one billion Android devices in existence has been discovered by a research team from Indiana University and Microsoft.
Mark O'Neill suggests that his top ten potential vulnerabilities of the Internet of Things (IoT) need to be considered now, before mass deployment.
"Cyber-criminals continue to innovate and find vulnerabilities to exploit for their criminal activity" says Lancope CTO Tim Keanini.
An interesting discussion at the RSA conference revealed that vendors often face a "double-edged sword" when tasked with disclosing software vulnerabilities.
Apple Mac users can breathe a sigh of relief as the company has finally fixed a flaw that meant their personal details could be stolen while they were browsing online.
Security researcher - and white hat hacker - Raven Alder addressed sexism in the InfoSec world at the B-Sides San Francisco event on Monday, and said - perhaps surprisingly - that it can help and hinder attackers and defenders in equal measure.
"You suck at your job" was Michael Roytman's controversial opening line to the audience of white hat hackers at the B-Sides event run prior to RSA San Francisco.
A group of Chinese spies are believed to have resurfaced to attack vulnerable political and non-profit groups, after FireEye discovered them using a new zero-day Adobe exploit.
A critical vulnerability has been discovered in the open source software architecture that drives Wikipedia and numerous other 'Wiki' information services.
Corporate Android mobile phone users are warned that potentially billions of apps running on these devices could be hijacked by attackers using a vulnerability first highlighted over two years ago.
Microsoft's Patch Tuesday update has been released, giving users a highly anticipated fix for a TIFF zero-day flaw and 23 other bugs affecting company software.
Russia's Ministry of Internal Affairs (MIA) has revealed that the author of the infamous BlackHole exploit kit is being prosecuted in the country.
Microsoft released five bulletins on its June Patch Tuesday, fixing one critical vulnerability in Internet Explorer.
Oracle has said that making Java more secure is a priority, as it lines up regular patch updates.
Vulnerability management firm Secunia has apologised after an undisclosed vulnerability was sent to a public emailing list.
Microsoft released ten bulletins yesterday fixing 33 vulnerabilities, including the zero-day in Internet Explorer 8.
Microsoft has acknowledged problems caused by a patch released this week that can cause system errors.
Microsoft issued nine bulletins to fix 14 vulnerabilities this week; however, it left several known flaws unpatched.