After the dust had started to settle in the wake of the OpenSSL Heartbleed vulnerability earlier this month, one of the common sentiments that emerged was that the small group developing and maintaining the software needed some help. And money. And resources. But mostly money. Now, the OpenSSL Foundation, along with a number of other[...]
The Apache Software Foundation will re-issue at patch for a ClassLoader manipulation zero-day vulnerability in Struts. The fix is expected to be ready within 72 hours; a workaround is available.
A vulnerability in NetSupport Manager could yield sensitive configuration settings and lead to compromise.
DDoS attacks are growing in scale and volume, and experts say attackers are also using them as a cover for secondary attacks resulting in financial fraud or loss of intellectual property.
Mozilla is offering a $10,000 bug bounty for serious security vulnerabilities in a new cryptography library it plans to release along with Firefox 31.