The maintainers of the OpenSSL library, one of the more widely deployed cryptographic libraries on the Web, have fixed a serious vulnerability that could have resulted in the revelation of 64 KB of memory to any client or server that was connected.
Security researchers discovered an odd DDoS attack against several sites recently that relied on a persistent cross-site scripting vulnerability in a major video Web site and hijacked users’ browsers in order to flood the site with traffic. The attack on the unnamed site involved the use of injected Javascript on the site which would execute in […]
Facebook announced it will increase payouts for critical vulnerabilities on most of its properties as part of its bug bounty program.
Microsoft will ship two critical and two important rated security bulletins in its last patch Tuesday release providing support for the windows XP operating system.
U.S. regulators are warning banks about a recent rash of ATM fraud and the ongoing risks DDoS attacks targeting public websites can pose.
The one threat that some experts have warned about for years and has never emerged is cyber terrorism, a former top U.S. intelligence official said.
Upset with the vulnerability handling process at Oracle, researchers yesterday disclosed over two dozen issues with the company’s Java Cloud Service platform.
Apple has updated its Safari browser, dropping a pile of security fixes that patch more than 25 vulnerabilities in the WebKit framework.
Surveillance DVRs infected with Bitcoin mining malware scanning for network attached storage devices on port 5000.
When the venerable Full Disclosure security mailing list shut down abruptly last month, many in the security community were surprised. But a lot of people, even those who had been members of the list for a long time, greeted the news with a shrug. Twitter, blogs and other outlets had obviated the need for mailing […]
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
