Health care device manufacturer Natus Medical Incorporated has reportedly updated the software used in its Xltek EEG products, which monitors brain activity, after a researcher discovered five vulnerabilities that could be exploited.
Malware impersonates Kaspersky antivirus. Security researchers have found malware that steals credentials while pretending to be anti-virus software from Kaspersky.
The UK is responding to finding itself in conflict with Russia by flaunting its cyber-skills and promoting exports to its allies with a new cyber security export strategy.
The hackers who injected malicious code into a version of computer maintenance app CCleaner last year may have been preparing to deliver third-stage malware to some of the 2.27 million computers that had downloaded it.
All ransomware is a nightmare but Annabelle is a real horror, appearing more designed to 'show off the skills' of the developer who created it, rather than real a bid to raise ransom payments.
As a security topic in its own right, API security and API vulnerabilities are still relatively unknown to most organisations and even many security professionals.
The company FlightSimLabs found itself in the odd position of having to remove malware it had installed on some versions of its software as part of the digital rights management package after it was discovered by a Redditor.
Even with a layered defence in place, it cannot be left to stagnate as the nature of threats will change over time and older defences may not be designed to combat new attacks.
The total number of reported vulnerabilities in Microsoft's software products, including those in the new Windows 10 operating system, rose over two-fold in the last four years and critical vulnerabilities rose by 60 percent.
US Republican senator Lamar Smith threatened to subpoena the US Department of Homeland Security for documents related to the US federal government's purge of products made by the Russian software firm.
The Software Engineering Institute at Carnegie Mellon University (KB CERT) posted an advisory warning stating the Pulse Secure VPN Linux graphic user interface (GUI) fails to validate SSL certificates.
Bomgar has acquired Lieberman Software to help boost the company's secure access software portfolio and giving it access to Lieberman's privileged identity and credential management technology.
Cisco Systems on Wednesday issued a security update that fixes a high-severity denial of service vulnerability in release version 5.3.4 of its IOS XR Software for the Aggregation Services Router (ASR) 9000 Series.
Cisco's latest security update patches an Adaptive Security Appliance (ASA) software vulnerability that could allow an attacker to gain complete control of an affected system.
Hardware and electronics manufacturer Lenovo disclosed an insecure credential storage vulnerability in its Fingerprint Manager Pro utility software, which can be exploited for local privilege escalation on a variety of systems.
Security researchers recently observed an unknown threat actor attempting to deploy a Monero cryptocurrency miner software to users' systems by leveraging Kaseya Ltd's Virtual Systems Administrator (VSA).
A handful of tech companies have given a Russian defence agency the opportunity to sort the source code of their software, to uncover vulnerabilities that the Russians say could be exploited by bad actors.
Kaspersky filed an injunction Wednesday challenging the US government's ban of the software company's products, arguing that the US Department of Homeland Security didn't give it an opportunity to contest the purported evidence.
Adobe's Flash Player may gain a lot of negative headlines, but when it comes to the most frequented targeted software Microsoft Office and Windows beat out the much maligned Adobe software.
A recent HackerOne survey found that some bug bounties bounty-hunters are earning more than 16 times what they would have earned as a software engineer in their own country.
A North Korean cryptominer is raising questions as to whether it is an educational tool or a prototype to carry out silent attacks on unsuspecting CPUs.
Cyber-criminals launched a cyber-attack using the official website of a Ukraine-based accounting software developer to distribute a new variant of Zeus over a Ukrainian holiday.
Developers aren't choosing to ignore security issues - they don't have the skills or resources to create secure code due to a critical deficit in developer security training, especially how to manage vulnerable components effectively.
A reported chip flaw in Intel processors that has existed at least for the last 10 years allows software programs to access content in kernel memory and patching the bug.
Existing software development and security methodologies may need to be modified to better support a new way of developing, running, and supporting applications made possible by containerisation.
Happy New Year! SC Media UK resumes news reporting on 2 Jan 2018. During the break, catch up on our experts' predictions for a range of positive and negative futures, from the impacts of AI to likely new Zero days.
Adversaries are using the lure of free online software downloads to infect unknowing victims with a customised version of cryptocurrency mining software from the NiceHash marketplace.
VMware on Tuesday patched a series of vulnerabilities in its ESXI, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
Software-Defined Enterprise Content Delivery Networks (SD ECDNs) are virtual networks that allow businesses to share large files - like upgrades - at high speeds, regardless of whether they use legacy network infrastructures.
A new mobile malware family, dubbed GnatSpy, that may be a much more dangerous variant of the earlier VAMP malware, has been reported in the wild.