Lenovo has patched two serious vulnerabilities in Lenovo System Update that can allow hackers elevate privileges and guess admin passwords.
An attacker working off domains belonging to Chinese registrar BizCN has been moving the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.
A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed.
Two more self-signed root certificates and corresponding private keys were found on Dell computers.
Thousands of cable modems manufactured by the Georgia-based telecom Arris suffer from a series of issues: XSS and CSRF vulnerabilities, hard-coded passwords, and what a researcher is calling a backdoor in a backdoor.
Different models of Dell computers have shipped with a preinstalled root certificate and private key, opening the machines up to man-in-the-middle attacks.
RSA has uncovered GlassRAT, a spy tool targeting commercial targets that’s signed with a stolen certificate from a large developer in China.
Starwood Hotels and Resorts, a company that owns and operates approximately 1,200 hotels across North America, announced last week that a handful of point of sale systems at its hotels were hit by malware.
VMware patched a number of its products vulnerability to an XML External Entities vulnerability in the Apache Flex BlazeDS product integrated into VMware.
The German government published the results of its audit of open source disk encryption package TrueCrypt and gave it a relative clean bill of health.