Eduard Kovacs

After Mozilla announced that it might ban new certificates issued by Chinese certificate authority (CA) WoSign and its subsidiary StartCom for at least one...

Researchers at vulnerability management services provider Digital Defense have identified a total of six flaws in the administration interface of EMC VMAX enterprise storage...

An update released last week for the OpenJPEG library addresses several bugs and important security issues, including a flaw that can be exploited to...

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) last week published its annual vulnerability coordination report for the fiscal year 2015. The report...

Researchers have disclosed a theoretical attack scenario that could allow global or semi-global adversaries to leverage Domain Name System (DNS) traffic to deanonymize Tor...

A hacker has released the source code of Mirai, the Internet of Things (IoT) malware used to launch massive distributed denial-of-service (DDoS) attacks against...

A report made available this week by the U.S. Government Accountability Office (GAO) shows that the Food and Drug Administration (FDA) needs to address...

Cisco inadvertently introduced a critical vulnerability in its email security appliances by forgetting to remove an internal testing interface from software releases made available...

Building automation products from American Auto-Matrix are affected by a couple of high-severity vulnerabilities that allow remote hackers to compromise the affected system, ICS-CERT...

The RIG exploit kit recently stopped distributing Tofsee and cybercriminals have decided to use the botnet’s own spamming capabilities to deliver the malware, Cisco’s...

Companies are spending millions on bug bounty programs whose goal is to identify vulnerabilities, but it might be more efficient to take a proactive...

A member of the Syrian Electronic Army hacker group arrested earlier this year in Germany has pleaded guilty to hacking and extortion charges before...

Two Russia-linked threat groups have been targeting citizen journalists investigating Moscow’s involvement in the downing of Malaysia Airlines flight MH17 in July 2014 as...

An investigation conducted into the two Yahoo security incidents disclosed recently revealed the existence of a connection and led researchers to believe that the...

A firmware update released by Siemens this month for some of its industrial network security products fixes a vulnerability that could expose potentially sensitive...

Facebook announced on Tuesday the availability of an osquery version that can be used by security teams to quickly identify and analyze threats on...

Updates released this week by the Internet Systems Consortium (ISC) for the DNS software BIND address two vulnerabilities, including a new high-severity issue that...

An extensive analysis of the hybrid Trojan dubbed GozNym has allowed Cisco researchers to reverse engineer its domain generation algorithm (DGA) and start sinkholing...

Google has released new tools and documentation designed to help developers mitigate cross-site scripting (XSS) attacks using the Content Security Policy (CSP) standard.

The hosting provider OVH continues to be targeted by massive distributed denial-of-service (DDoS) attacks powered by a large botnet capable of generating significant attack...