Vulnerabilities & Flaws
Monolithic operating systems will attract attackers, and speed to market will trump security, so expect patches and be intelligent about how vulnerabilities are fixed, says Raimund Genes.
A critical flaw found on open-source Jetty HTTP web servers could - if left unpatched - lead to hackers hijacking internet sessions and stealing sensitive data.
The McAfee Labs Threats Report: February 2015 demonstrates how failure to patch is leaving mobile apps exposed to SSL vulnerabilities.
After stinging criticism from Microsoft and others over how and when it reported zero-day flaws, Google has changed its vulnerability disclosure policy.
Driverless cars put our lives rather than our data at risk, and cyber-security should therefore be a crucial component in design, to deliver trust, says James Knotwell.
Cyber-spy group exploited two Adobe and Internet Explorer zero-days to infect one of the world's most popular websites, say researchers.
A widely-used exploit kit called 'Angler' has apparently been used to target a new zero-day affecting the latest versions of Adobe's Flash Player.
Tens of thousands of French websites have been hacked in the aftermath of last week's Charlie Hebdo terrorist attack, which left 20 people dead.
MWR 'proves' ad flaws can be used to hijack mobile phones.
Security researchers uncover 'grinch' vulnerability that could affect all Linux systems
Companies should reconsider cloud-security perceptions, says Pathik Patel, noting that recent software vulnerabilities such as Shellshock had less effect on cloud-based services than premises-based apps.
Microsoft says outdated software can be almost as insecure as having no protection at all.
A flaw that affects nearly all Apple iOS devices - and which Apple has failed to patch despite knowing about it since July - is now being circulated among cyber-criminals and may have already led to attacks.
The video games industry generates billions in revenue, but only 20 percent achieve profit, due to cheats breaching security, hence the need for stricter implementation and enforcement of controls, say Amit Sethi and Rennie Allen.
Updating of WordPress versions advised to avoid exposure to new vulnerability
The coming Internet of Things explosion is more than your firewall can cope with, says Steven Rosen, advising companies to take additional measures to deal with new threats.
Systems admins are being warned of a decades-old bug that means hundreds of millions of systems - ranging from Unix/Linux web servers to possibly Apple devices and WiFi routers - can be easily hijacked.
Microsoft has issued four bulletins covering a total of 42 vulnerabilities, 36 of which are rated critical.
Intelligence-led third-party red-teaming testers can identify the blind spots that in-house teams thought they had covered, suggests Simon Saunders.
North Korea more likely to attack than most nation states: 3,000 cyberwar hackers and counting...
The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.
The growing impact of web exploits isn't just limited to the enterprise market and must be countered on an industry scale, says Pedro Bustamante.