Kaspersky filed an injunction Wednesday challenging the US government's ban of the software company's products, arguing that the US Department of Homeland Security didn't give it an opportunity to contest the purported evidence.
Adobe's Flash Player may gain a lot of negative headlines, but when it comes to the most frequently targeted software, Microsoft Office and Windows beat out the much-maligned Adobe software.
A recent HackerOne survey found that some bug bounty hunters are earning more than 16 times what they would have earned as a software engineer in their own country.
A North Korean cryptominer is raising questions as to whether it is an educational tool or a prototype to carry out silent attacks on unsuspecting CPUs.
Cyber-criminals launched a cyber-attack using the official website of a Ukraine-based accounting software developer to distribute a new variant of Zeus over a Ukrainian holiday.
Developers aren't choosing to ignore security issues - they don't have the skills or resources to create secure code due to a critical deficit in developer security training, especially how to manage vulnerable components effectively.
A reported chip flaw in Intel processors that has existed at least for the last 10 years allows software programs to access content in kernel memory and patching the bug.
Existing software development and security methodologies may need to be modified to better support a new way of developing, running, and supporting applications made possible by containerisation.
Happy New Year! SC Media UK resumes news reporting on 2 Jan 2018. During the break, catch up on our experts' predictions for a range of positive and negative futures, from the impacts of AI to likely new Zero days.
Adversaries are using the lure of free online software downloads to infect unknowing victims with a customised version of cryptocurrency mining software from the NiceHash marketplace.
VMware on Tuesday patched a series of vulnerabilities in its ESXi, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
Software-Defined Enterprise Content Delivery Networks (SD ECDNs) are virtual networks that allow businesses to share large files - like upgrades - at high speeds, regardless of whether they use legacy network infrastructures.
A new mobile malware family, dubbed GnatSpy, that may be a much more dangerous variant of the earlier VAMP malware, has been reported in the wild.
Security researcher Michael Myng found keylogger code that records every stroke typed, pre-installed in HP laptop software drivers in models of computers dating back as far as 2012.
A pair of security updates released by the Apache Software Foundation patch vulnerabilities in Apache Struts versions 2.5 to 2.5.14 that would let a remote attacker take control of a system, according to a US-CERT alert.
Some IoT devices have no update capability whatsoever, so it's important to focus more on software security: software that is developed using best practices, tested for vulnerabilities, and able to ensure the authenticity and integrity of updates.
A root access flaw in Apple's macOS High Sierra 10.13.1 makes it possible for anyone to log into the system by typing "root" into the name field.
Phil Codd says software failures caused US$ 1.1 tn in losses to businesses in 2016, demonstrating that it is time to pay attention to the main causes of IT system failures or risk financial loss and reputational damage.
Microsoft is claiming that the latest version of Windows 10, the Fall Creators Update, is the most secure version of the operating system yet released.
Following the US Federal ban on Kaspersky Lab products, the company has launched a Global Transparency Initiative, providing its source code for third-party review and opening three transparency centres internationally.
A trojanised version of Eltima's Elmedia Player software was seen being distributed via the company's own official site in the late hours of 20 October 2017.
Oracle Corp's quarterly Critical Patch Update (CPU) has fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.
SQL injections and cross-site scripting vulnerabilities are among the flaws found in OpenText Document Sciences xPression.
Cisco released a series of updates to address vulnerabilities affecting its IOS and IOS XE products, one of which could have allowed remote code execution in both products.
Applications themselves should have security built in that detects that the application is being pushed to the background, says Giovanni Verhaeghe. Then any user input should be blocked and the placing overlay eliminated.
Google Project Zero team researcher Ivan Fratric discovered 31 bugs in the DOM engines of Safari, Edge, Internet Explorer, Firefox and Chrome browsers.
Acting on concerns that Russian company Kaspersky Lab has connections to cyber-espionage activities, the US government has banned the use of Kaspersky Lab security software.
A programming error in the Microsoft Windows kernel might inhibit security software vendors and kernel developers from properly identifying modules loaded during runtime.
81 percent of software developers avoid asking their manager for advice. For 41 percent, YouTube is the first go-to place for developers to learn new programming tricks.
Cloud-based unified communications services provider Fuze earlier this year repaired three vulnerabilities in a customer web portal.