Human machine interface software from Rockwell Automation has been patched, protecting users from a vulnerability in the way stored passwords are protected.
Microsoft security products will begin detecting software containing search protection functions and classifying it as malicious on June 1.
Influential security researchers have begun publishing their comments, objections and concerns regarding the proposed U.S. export control rules under the Wassenaar Arrangement.
Users of the Internal Revenue Service’s Get Transcript service are at risk for identity theft after hackers accessed tax records belonging to more than 100,000.
Nitlove and several new versions of PoSeidon can be added to the growing heap of point-of-sale (POS) malware discovered this year.
Researchers from Core Security were able to exploit a security vulnerability in Windows’ group policy — MS15-011 — that was patched by Microsoft in February.
French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. Cloud Station is a system that allows users to sync files across a number of devices. The system saves changes to files on[…]
Dennis Fisher and Mike Mimoso talk about the Logjam attack, the proposed Wassenaar export rules on exploits, and the letter to the president decrying crypto back doors.
Email security vendor Sendio has patched a pair of remotely exploitable security bypass vulnerabilities in its Sendio ESP, or Email Security Platform, product.