IDG News Service - Researchers from security vendor AlienVault have identified a variant of a recently discovered Internet Explorer exploit that is used to infect targeted computers with the PlugX remote access Trojan (RAT) program. The ...
Tags: IE, malware, Internet Explorer, website
A hacker is selling a$700 zero-day exploit for Yahoo Mail that lets an attacker use a cross-site scripting(XSS)vulnerability to steal cookies and hijack accounts. The hacker,known as"TheHell",created a video to market the exploit on an ...
Tags: hacker, Yahoo mail
IT often virtualises new applications and workloads by default.Virtualisation is now the norm,deploying a physical server the exception.Yet,a third of companies admit they have not invested in security for their virtual computing ...
Attackers can read emails, contacts and other private data from the accounts of Yahoo users who visit a malicious page by abusing a feature present on Yahoo's Developer Network website, says an independent security researcher. A limited ...
Tags: Attackers, emails, private data, Yahoo users
Web and mobile device users have little understanding about how much of their personal data is collected online, making it difficult to rely on free-market competition for solutions to privacy concerns, privacy experts told the U.S. Federal ...
Tags: web, mobile device, users, free market, online privacy
Three widely deployed payment terminals have vulnerabilities that could allow attackers to steal credit card data and PIN numbers, according to a pair of security researchers from penetration testing firm MWR InfoSecurity in the U.K. The ...
Tags: payment terminals, MWR InfoSecurity, credit card data, PIN numbers
SMS text messaging is certainly not exclusive to Apple or its iconic iPhone smartphone. But, apparently there is something unique about the way Apple delivers SMS messages that makes the iPhone particularly vulnerable to spoofing or ...
Tags: SMS text messaging, Apple, iPhone, smartphone, smishing attacks
The recently launched Adobe Reader and Adobe Acrobat XI come with new security features and an improved sandbox that will make the products harder to attack and exploit, according to Adobe. The sandboxing feature known as the Protected ...
Tags: Adobe Reader, Adobe Acrobat XI, security features, sandbox
A security researcher claims that he found 23 vulnerabilities in industrial control software from several vendors after a different security company last week showcased vulnerabilities in applications from some of the same manufacturers, ...
Tags: security researcher, vulnerabilities, industrial control software
A researcher who discovered a security flaw in Ubisoft's Uplay gaming application said PCs used for gaming should be isolated from business and other networks. "I air-gap the machine I use to play games," said Tavis Ormandy, a Google ...
The Information Commissioner's Office is to investigate claims that Tesco's website does not offer sufficient privacy protections to customers. The UK privacy watchdog's probe comes after security experts raised a number of privacy ...
Tags: watchdog, Tesco Website, privacy protections, security problems
CoDeSys, a piece of software running on industrial control systems (ICS) from over 200 vendors contains a vulnerability that allows potential attackers to execute sensitive commands on the vulnerable devices without the need for ...
Tags: CoDeSys, software, ICS, vulnerability
IDG News Service - Java vulnerabilities are increasingly exploited by attackers to infect computers, and the problem could become worse if Oracle doesn't do more to secure the product and keep its installation base up to date, according to ...
Tags: Java vulnerabilities, computers, Oracle, Flash Player, Adobe Reader
Computerworld - Microsoft today confirmed that it will patch a vulnerability in Windows next week that has been exploited by an increasing number of attacks. Initially, experts wondered whether Microsoft would patch the XML Core Services ...
Tags: Microsoft, Windows, software, computer products
A variation of the recently disclosed attack that can wipe data from Samsung Android devices when visiting a malicious Web page can also be used to disable the SIM cards from many Android phones, researchers say. Ravishankar Borgaonkar, a ...
Tags: USSD, SIM Cards, Samsung, Android Devices