An audit of 1,000 open-source serverless applications carried out by serverless security company PureSec has revealed that 21 percent of such applications feature critical security vulnerabilities that can be exploited.
Cisco Talos has detailed several vulnerabilities found in four Rockwell Automation Allen-Bradley MicroLogix 1400 Programmable Logic Controllers that are used in conjunction with industrial control systems.
Github announced the discovery of more than four million vulnerabilities located in 500,000 plus repositories. In 2017, the code sharing site started vulnerability scanning for known Common Vulnerabilities and Exposures.
Patch Tuesday Adobe included updates for Adobe Flash Player, Adobe Connect, and Adobe Dreamweaver with seven critical vulnerabilities.
Unpatched security vulnerabilities in the 4G LTE protocol allow anyone to connect to a network by impersonating a victim's phone without possessing legitimate credentials, launch DDoS attacks, and hijack a phone's paging channel.
Kaspersky Lab has upped the high end of its bug bounty rewards program to US$ 100,000 (£72,000) for severe vulnerabilities that allow remote code execution (RCE) through the database update channel.
MeltdownPrime and SpectrePrime could trick systems into leaking data. Security researchers have found new ways to exploit the Meltdown and Spectre vulnerabilities that have plagued modern CPUs.
A social engineer will start by gathering Open Source Intelligence (OSINT) and the sleuthing continues using social media, finally giving the company an overview of their security posture without losing any of the data taken on the job.
Security researchers recently unearthed up to nine security vulnerabilities in Dell EMC's Isilon OneFS platform that could allow remote attackers to launch social engineering attacks and subsequently access the Isilon systems at root.
The total number of reported vulnerabilities in Microsoft's software products, including those in the new Windows 10 operating system, rose over two-fold in the last four years and critical vulnerabilities rose by 60 percent.
The amount of illegal cryptocurrency mining that is now taking place makes keeping track a difficult task, but here is a quick roundup of what was has been spotted over the last few days.
A new version of a familiar menace, AndroRAT, has emerged from out of the trash to exploit long forgotten vulnerabilities.
Microsoft patched nearly 50 vulnerabilities this month, including patches for an Adobe Flash Player zero-day vulnerability that was announced earlier this month.
Adobe's Patch Tuesday updates included security updates for Adobe Acrobat and Reader for Windows and Macintosh to address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
Several Smart TVs from Samsung and others using the Roku TV platform, as well as media players from that company, are susceptible cyber-attacks, according to Consumer Reports, a claim denied vehemently by Roku.
With enterprises struggling with a massive shortage of experienced cyber-security professionals, today's CISOs are placing more faith in machine learning which they believe will be important to their IT security functions.
Adobe Systems today released a critical security update for a pair of vulnerabilities in Flash Player, one of which has been actively exploited in phishing attacks attributed to North Korean APT actor Group 123.
NSA exploits stolen by hacker Shadow Brokers can be tweaked to exploit vulnerabilities in all versions of Windows, including Windows 10 - so deploy the MS17-010 security update from Microsoft as soon as possible.
Core Security issued an advisory for multiple vulnerabilities it found in Kaspersky Labs' Secure Mail Gateway that if left unpatched could lead to administrative account takeover.
Cryptocurrency miners have begun using two older and already patched vulnerabilities to compromise servers to mine the Monero digital currency.
Intel is recommending that vendors and end users stop deploying the current version of its patch designed to fix the Spectre/Meltdown vulnerabilities that were discovered in most of the company's processors.
Cisco Systems on Wednesday issued 26 security updates to fix an array of vulnerabilities, including high-impact bugs in its Unified Customer Voice Portal (CVP), its NX-OS Software, and its Email Security Appliance (ESA).
Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.
High-profile cyber-security incidents continue to appear due to the mistake of companies not applying patches to known vulnerabilities according to Tripwire research.
Apple followed up on its promise last week and rolled out updates for macOS High Sierra, Safari and iOS to patch the Spectre vulnerabilities CVE-2017-5753 and CVE-2017-5715 in Intel's processor family.
A GulfTech researcher spotted multiple vulnerabilities In Western Digital's MyCloud products, some of which could lead to remote code execution and unauthorised access.
Attackers exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.
Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.
A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.