Hardware hacker Samy Kamkar has developed an anonymization device called ProxyGambit that improves upon ProxyHam, the device that was supposed to be unveiled at DEF CON.
iSight Partners provides details on an Office zero day patched this week that was used by the prolific APT 28 gang.
Google is expanding the use of its Safe Browsing mechanism to warn users about a broader variety of unwanted software, in addition to the warnings they see regarding phishing pages, malware, and other threats.
A slew of routers manufactured in China are fraught with vulnerabilities, some which have existed in products for as long as six years.
An authentication bypass vulnerability in a Siemens device that’s used in energy automation systems could allow an attacker to gain control of the device. The vulnerability is in the Siemens SICAM MIC, a small telecontrol system that performs a number of functions and includes an integrated Web server and several other features. “The devices consist of[…]
A paper, expected to be presented at USENIX, describes new attacks against RC4 that make plaintext recovery times practical and within reach of hackers.
Officials worldwide culminated an 18 month effort this week to takedown Darkode, a cybercrime forum where hackers fraternized and shared malware, credit card information and more.
Microsoft ended security support for existing Microsoft Security Essentials customers running Windows XP, a little more than a year after support officially ended
A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The rules proposed by the department’s Bureau of Industry and Security in[…]
Oracle has released its quarterly patch update, which includes fixes for nearly 200 vulnerabilities. The most notable bug fixed in this release is the Java zero day that’s been used in an ongoing attack campaign. The massive release from Oracle has patches for a long list of products, but the Java vulnerabilities are the heart[…]