Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox. That vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated as high risks and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities[…]
Researchers from ZScaler have uncovered a new scheme where criminals are using malversting to redirect to pages hosting the Magnitude exploit kit and the CryptoWall ransomware.
There’s an easily exploitable vulnerability in the Android stock browser that enables an attacker to spoof the URL in the address bar and force a victim to visit a malicious site while believing he is visiting a benign one. Security researcher Rafay Baloch discovered the vulnerability and developed the technique for exploiting it. The problem[…]
A coalition of 150 tech companies and privacy champions sent a letter to President Obama urging him to reject any proposals mandating backdoor access to software and devices.
A collection of research scientists, with help from the IEEE Cybersecurity Initiative, have released a new set of guidelines for developers to take into account to ensure security figures into how medical devices are coded.
The so-called Deputy Dog APT group has surfaced again with a means of keeping its command and control servers under wraps that involves Microsoft’s TechNet online resources.
Penn State announced that its school of engineering was the victim of a more than two-year long cyberattack perpetuated by advanced persistent threat groups.
Oracle on Saturday released its patch for the VENOM vulnerability, a guest escape flaw that affects many virtualization platforms.
The attackers behind the TeslaCrypt ransomware, which is one of the newer entries on the scene, may not be making as much money yet as some of their more experienced competitors, but researchers say that their malware is having a profound effect on victims. Like many other pieces of ransomware, TeslaCrypt often spreads with the[…]
A group of Polish researchers is claims there are still several outstanding vulnerabilities in Google App Engines, including three complete Java sandbox escapes.