Vulnerabilities

The FBI Cyber Division has sent a warning to some of the world's top corporations about a coordinated campaign of denial of service attacks and hacking, scheduled for Friday, May 25. Read more »

Just a few days after releasing Chrome 19, Google has updated the browser again, fixing 13 vulnerabilities, including two critical bugs.  Read more »

More than three months after it was patched, attackers are still using a vulnerability in Adobe's Flash product in targeted, 'APT-style' attacks.  Read more »

Browsers are a really nice target for attackers of all stripes and skill levels. But, unless you're a savant or have just landed here from the future, you may want to take a pass on going after Google Chrome, judging by the insane level of effort and skill that an anonymous security researcher had to deploy in order to compromise Chrome during the company's Pwnium contest in March. Read more »

Attackers using a feature that is common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan. Read more »

Users who receive e-mails that appear to come from Facebook asking if they’d like to cancel their accounts should beware that it’s more than likely an attempt to install malware on their computers. Read more »

Blizzard Entertainment's update to the mega-popular Diablo game franchise hit a major snag over the weekend, after users started peppering support boards and the company with reports of raided accounts, missing virtual "gold" and mysterious new friends.  Read more »

Since the beginning of recorded time, security researchers, software vendors and hackers have been issuing security advisories in all kinds of nutty formats. Some feature excellent ASCII art, some have clever inside jokes and some come from Microsoft. Now, there's a effort underway, called the Common Vulnerability Reporting Framework, to standardize the way that vulnerabilities are reported so that they're in a common, machine-readable format.  Read more »

A recent string of Web site hacks at Amnesty International and other NGOs are evidence of a campaign of cyber espionage directed against human rights orgnaizations, according to a report from The Shadowserver Foundation. Read more »

In a bulletin, the Department of Homeland Security (DHS) is warning healthcare organizations about the threat posed by insecure, network attached medical devices and the proliferation of smart phones, tablet PCs and other mobile devices in medical settings. Read more »