Amazon’s new Certificate Manager is providing SSL certificates for free to AWS customers but experts warn it’s only a matter of time before they’re exploited.
Government agencies have until Feb. 4 to audit their IT infrastructure for the use of backdoored Juniper Networks’ Netscreen firewalls.
Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.
Researchers believe a single group, Scarlet Mimic, is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists.
OpenSSL announced that it will release updates for 1.0.2f and 1.0.1r that patch two high-severity vulnerabilities.
FreeBSD has patched a kernel panic vulnerability is versions compiled to support IPv6 and SCTP.
Lenovo’s SHAREit file-sharing app for Windows and Android has been patched against vulnerabilities that put private data at risk.
AMX, a provider of audio-visual conferencing gear used in sensitive government and military locations, has removed a “deliberate” backdoor in one of its central controller system products.
Mike Mimoso and Chris Brook discuss the week in news, including the Linux zero day–how it was patched in Android, Twitter users who are still looking for answers, and bot fraud.
Apple addressed a nasty bug that lingered in the wild for nearly three years and could have let an attacker steal cookies and impersonate victims.