Richard Moulds takes a look behind recent crypto vulnerability headlines - the ability to calculate the private key of an RSA keypair purely by knowing the public key - and asks if they are a prelude to a 'cryptoapocalypse'.
Cisco has patched a critical flaw in its Voice-OS which could allow an unauthenticated, remote hacker to gain elevated access to 12 types of its products.
Adobe's November Patch Tuesday included 83 patches, including fixes for five critical-rated issues in Flash Player. Reader and Acrobat, by themselves, generated more than five dozen CVEs.
Microsoft's November Patch Tuesday rollout included patches for 53 flaws, 20 rated critical, spread across a variety of products, including Edge, Internet Explorer, Windows and Office.
Developers leave API credentials in applications built on the Twilio telephony platform, allowing phone call eavesdropping.
New malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability; once installed, it can download additional malware as well as use various permissions to access the phone.
Trustwave researchers revealed a vulnerability in Brother consumer and business printers and multi-function devices that can allow a denial of service attack. Brother UK responds.
Setting standard configurations based on industry best practices, and continuously monitoring for changes from that baseline, enables quick identification of a misconfiguration that could be exploited, so that it can be addressed before the breach.
In iOS 11, Apple has QR scanning functionality enabled by default, which Elad Ben-Meir says can effectively make anyone scanning the QR code matrices with Apple devices vulnerable to unknowingly uploading malicious code.
The Tor Project released a patch fixing an issue that could reveal the correct IP address of macOS and Linux users using the Tor browser.
Weak cryptography in a standard developed by the IEEE could result in hackers bypassing encryption safeguards to steal intellectual property in plaintext, scientists discover.
Phil Codd says software failures caused US$ 1.1 tn losses to businesses in 2016, demonstrating that it is time to pay attention to the main causes of IT system failures or risk financial loss and reputational damage.
Apple has finally addressed the KRACK vulnerabilities in its latest macOS High Sierra, Sierra, El Capitan, iOS 11.1, tvOS and watchOS.
A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports - now fixed.
Apache OpenOffice patched four medium vulnerabilities in the suite's word processing and graphics apps.
A bug in T-Mobile's wsg.t-mobile.com API may have allowed attackers to access customer data that can be used to carry out phishing attacks or worse.
LG patches holes in its IoT device range following cooperation with Check Point, including patching vacuum cleaners which could have become digital spies in the home.
Backdoor account and blind SQL attack vulnerabilities found in AmosConnect 8 satellite comms equipment used in shipping.
Security researchers warn that hard-coded encryption keys put security at risk due to a flaw in a random number generator. Stop using the X9.31 generator, say researchers.
A quarter of financial service employee mobile devices have unpatched vulnerabilities, according to a recent Symantec report.
If the Google Play Security Reward Programme doesn't seem like a typical bug bounty programme, that's because it isn't.
Oracle Corp's quarterly Critical Patch Update (CPU) has fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.
ROCA proof of concept attacks threaten RSA encrypted devices as far back as 2012 - patches need updating now.
In 2013 Microsoft discovered that hackers had breached the secret internal database it uses to track vulnerabilities; it then quietly upped its security, segmenting the database from its network and compelling two-factor authentication.
Every single implementation of Wi-Fi in existence is vulnerable to a new exploit unveiled by researchers.
Although Secure Shell (SSH) keys provide the highest levels of administrative access, they are routinely untracked, unmanaged and poorly secured, according to a recent report by Venafi.
The Estonian government issued an update on a vulnerability potentially affecting digital use of ID cards issued since October 2014.
Mozilla issued a security update stating that the newly released Thunderbird 52.4, Firefox 56 and Firefox ESR 52.4 patch 10 vulnerabilities, two rated critical, five high and three moderate, found in earlier iterations of the software.