WordPress.org released version 4.8.2 of its content management system that fixes nine security issues, five of which involve cross-site scripting (XSS) vulnerabilities.
With the launch of iOS 11 and the Apple Watch, researchers note Apple's iOS 11 update included eight CVEs that patched vulnerabilities in iBooks, Mail MessageUI, Messages, MobileBackup, Safari, and WebKit.
Equifax said a breach it discovered in March was not related to the second in September though the hackers were reportedly the same, and the same vulnerability in Apache Struts was exploited in both incidents.
By triggering the recently discovered CVE-2017-12809 vulnerability in QEMU before malicious behaviour occurs, an attacker can force security products to classify malicious files as benign.
MacOS High Sierra protections can be bypassed, but will make security researchers' and companies' work more difficult.
Bluetooth technology is overlooked by security experts and bug hunters in comparison to other protocols. The highly eclectic and fragmented nature of devices relying on Bluetooth means that some may never issue secure updates.
The Bashware vulnerability allows attackers to take advantage of the built-in Linux shell to bypass security software.
Adobe issued a light load of Patch Tuesday security updates today releasing only eight, with five rated critical with two of these affecting Flash Player.
Patch Tuesday security updates include a fix for a zero-day flaw found in the wild and used to target Russian speakers, along with the details on the BlueBorne vulnerability that potentially impacts five billion Bluetooth devices.
Cisco Systems has issued a pair of advisories warning users that several of its products have been affected by vulnerabilities recently discovered in the Apache Struts 2 open-source web application framework.
By following best practices and incorporating security measures when setting up an email server, you will be able to protect yourself from the most frequent and dangerous scenarios, says Marcell Gogan.
A new vulnerability has been discovered affecting older versions of the Google Android Platform. It can be used to easily enable an "overlay attack", tricking the user into unwittingly installing malware onto the device.
A programming error in the Microsoft Windows kernel might inhibit security software vendors and kernel developers from properly identifying modules loaded during runtime.
Cyber-criminals gained unauthorised access to Equifax files in a breach that could affect as many as 143 million consumers in the US, the company said Thursday.
The app-blended lifestyle poses problems for CIOs, CISOs and those responsible for keeping an organisation safe and secure. Mike Hemes says shadow IT is a real issue and one we can only see increasing over time.
The Apache Struts Software Foundation has released an update to its open-source web application framework to fix a critical remote code execution vulnerability.
90 percent of enterprises are still recording exploits for vulnerabilities that are more than three years old, and 60 percent for vulnerabilities more than ten years old, says a Fortinet report, with twice as many attacks at weekends.
Cloud-based unified communications services provider Fuze earlier this year repaired three vulnerabilities in a customer web portal.
Your emails can be changed after they have been delivered, corrupting your records and introducing malicious URLs using the Ropemaker vulnerability.
In Case You Missed It: UK data protection; Is AI weaponised; Is Malwaretech innocent?; Mandiant leak; WiFi vulnerabilities
A flaw in Adobe Flash could have allowed hackers to discover Windows user credentials. Hackers can find out user details with this one simple trick.
The popular and inexpensive international texting app SMS touch has been found to send critical data in cleartext, making the users susceptible to hackers.
If researchers paid more attention to the Shadow Brokers dump of alleged National Security Agency hacking tools back in April, the WannaCry and NotPetya attacks may have never happened.
A review of Fuzz Testing results from various industries in 2016 showed the overall average time to first failure (TTFF) was 1.4 hours, meaning testers are taking less time to find vulnerabilities than in 2015.
A Russian mathematician and programmer attempted to extort an Australian gambling company of £10 million or more after cracking the spin sequence on several of the firm's poker machines.
A cyber-attack on photovoltaic panels could bring down power and have a domino effect on the rest of the electricity supply, both nationally and, potentially, continentally.
Microsoft had a busy month patching flaws with nearly 50 security issues fixed, many of which have a severity rating of "critical" or "important" with remote code execution vulnerabilities.
The level of security of Wi-Fi networks and user awareness regarding information security has fallen significantly, a Positive Technologies security audit says, mostly due to common vulnerabilities that do not need much skill to exploit.