In an effort to head off the problem of malicious or misbehaving browser add-ons, Mozilla is planning to require developers to have their Firefox extensions signed by the company in the near future. As much of users’ computing has moved into their browsers in the last few years, extensions and add-ons have become important tools.[…]
Browsing Category: Web Security
Facebook announced ThreatExchange, an API-based platform for the exchange of attack and threat data.
Details were released on two Microsoft Group Policy vulnerabilities affecting all Windows machines going back to Windows Server 2003. The flaws were addressed in separate Patch Tuesday security bulletins.
Microsoft released its February 2015 Patch Tuesday security bulletins, including a massive update for Internet Explorer and a patch for a Windows zero day disclosed by Google.
In the wake of news-making attacks on Sony Pictures, Home Depot and many others, the federal government is establishing a new information integration center to focus on cyber threats.
A dump of 10 million sanitized usernames and passwords was released online, sparking debate over its legality in light of proposed changes to the Computer Fraud and Abuse Act.
The popular remote access tool PlugX enjoyed an ascent in popularity in 2014 and is now a go-to malware for attack groups.
The appetite for Twitter user data from governments around the world continues to grow, with the volume of such requests increasing by 40 percent in the second half of 2014.
More than two months after the original advisory went out, Siemens has released patches for a pair of critical vulnerabilities in some versions of its Simatic WinCC SCADA product that remained vulnerable. Both of the vulnerabilities are remotely exploitable and have potentially damaging consequences for companies running affected versions of the product. One of the[…]
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.