Two security vulnerabilities have been found and fixed in password manager LastPass. One by prolific security-vulnerability finder Tavis Ormandy, and the other by Mathias Karlsson of Detectify Labs.
The Neutrino exploit kit (EK) added a former Internet Explorer zero-day vulnerability to its arsenal.
The latest In Case You Missed It (ICYMI) looks at CEO whaling victim; Unpatched zero-day; Passwords dropped; Self-propagating ransomware; USB charging hack
A zero-day bug in version 3.8 of Linux can potentially affect millions of Linux computers and servers as well as 66 percent of Android devices.
Zerodium is offering up to £1.9 million for vulnerabilities and a jail break of iOS 9.
OS X flaw is exposed by teenage Italian security researcher without warning Apple - reigniting the debate about 'irresponsible' bug disclosure.
OS X 10.10 has a vulnerability that allows hackers to install malware without system passwords
A zero-day flaw in Apple's online AppStore and iTunes store reportedly allows attackers to hijack users' purchasing sessions, buy and download any app or movie they want, then charge it to the original user.
Car hack exploit could enable criminals could take control of Jeep Cherokee over the internet
Google has warned that planned US curbs on exporting 'intrusion software' - intended to limit the sale of zero-days by organisations like Hacking Team - could be a boon for hackers making "billions ...less secure".
New cyber-attacks by Chinese and others criminals are exploiting the Adobe Flash zero-days leaked through the recent Hacking Team breach - prompting calls for Flash to be "put out to pasture".
Security industry calls on organisations to ditch vulnerable browser plug-in as yet another zero-day flaw hits flash
The news that Kaspersky Lab was hit by a "next-generation" malware attack is an indication of both how far we have come in cyber-warfare and how much further we still have to go.
Anyone reading the news headlines on the Venom flaw over the last 24 hours might be forgiven for thinking that the sky, or at least the cloud, is falling down.
CrowdStrike security researchers have discovered a zero-day affecting virtual machines, dubbed 'Venom', which could allow an attacker to "escape out of the virtual machine and execute code on the host with full privileges", thus putting data centres potentially in danger.
A new zero-day flaw affecting all versions of Google's Android operating system could be exploited by hackers looking to steal data or take control of the mobile device.
Cyber-security firm FireEye details zero-day exploits perpetrated by 'nation-state' sponsored threat actors.
After stinging criticism from Microsoft and others over how and when it reported zero-day flaws, Google has changed its vulnerability disclosure policy.
The latest ICYMI column looks at the biggest stories on SC this week, including worrying news on EU data protection laws, claims of iPhone spyware and new Flash Player zero-days.
Adobe has been hit by two zero-day flaws in the space of 24 hours, raising questions over the safety of its Flash Player platform which is being heavily targeted by cyber-criminals.
A widely-used exploit kit called 'Angler' has apparently been used to target a new zero-day affecting the latest versions of Adobe's Flash Player.
Google researchers accused of being "reckless" for disclosing flaw before Microsoft has patched it.
Microsoft has warned Windows users about a zero-day security issue with malicious PowerPoint documents being emailed to recipients. The software giant is working on a patch for the problem.
Zero-day vulnerabilities are a fact of life in cyber-security, which is why looping is so essential, says Darren Anstee.
A Russian cyber-espionage group has used a dangerous Microsoft Windows zero-day bug - being patched today - to attack targets including NATO, a western European government, a French telecoms firm, Polish energy companies and a US academic organisation.
Here are the five most popular SC articles, as seen by you the reader, in the week for July 11 to 17.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime