Hackers are exploiting a zero-day vulnerability in Java 7, security experts said today. The unpatched bug can be exploited through any browser running on any operating system, from Windows and Linux to OS X, that has Java installed, said ...
Tags: vulnerability, Java 7, Macs, Windows and Linux, OS X
Microsoft today released an emergency patch for Internet Explorer (IE) to stymie active attacks that have been exploiting a bug in the browser, finishing a job it started only Monday. "Let's call it five days from advisory to patch," said ...
Tags: Microsoft, emergency patch, IE, stymie active attacks, bug
Medical devices often use commercial PCs and have wireless connections that make them vulnerable to malware, or require software updates for security, but the U.S. may not be doing an adequate job tracking these risks, researchers ...
Tags: Medical-Device Security, security IT, malware, computer technology
Microsoft today patched 20 vulnerabilities in Word, Office, Windows, SharePoint Server, SQL Server and other products in its portfolio, including a critical bug in the company's popular Word program and another already used to attack the ...
Tags: Microsoft, vulnerabilities, Word, Office, Windows, SharePoint Server
Pacemakers from several manufacturers can be commanded to deliver a deadly, 830-volt shock from someone on a laptop up to 50 feet away, the result of poor software programming by medical device companies. The new research comes from ...
Tags: Pacemakers, shock, laptop, software programming, medical device companies
A sophisticated cyber surveillance tool that monitors financial transactions with Middle Eastern banks was probably built by or under the auspices of a government, security researchers said today. Early Thursday, Moscow-based Kaspersky ...
Tags: cyber, financial transactions, Middle Eastern, banks, security
IDG News Service - Adobe plans in February to close a dangerous hole in its Shockwave application that causes the application to be downgraded when a user launches older multimedia content, allowing hackers to target years-old ...
Tags: Adobe, close, dangerous hole, Shockwave application
The latest Java zero-day vulnerability is already available to users of the Metasploit tool and Blackhole exploit kit, say security researchers. The Java vulnerability allows attackers to use a custom web page to force systems to download ...
Tags: Metasploit tool, custom web, coded Java, security, FireEye
Mozilla yesterday took the unusual step of yanking Firefox 16 from distribution just a day after its release. The company said a critical vulnerability triggered the move. The bug was apparently overlooked by Mozilla while it was ...
Tags: Mozilla, yanking Firefox 16, distribution, critical vulnerability
Microsoft may have known about last week's Internet Explorer (IE) zero-day bug for some time, according to its security advisory. The vulnerability, which was patched Friday in an emergency, or "out-of-band," update, first became public ...
Tags: Microsoft, IE, bug, vulnerability
Samsung said Wednesday it is working on an update for a software flaw that could allow attackers to siphon personal data from a phone. The vulnerability affects Samsung's S2 and S3 phones and several models of its Galaxy line, including ...
Tags: Samsung, software flaw, siphon personal data, phone
Samsung said Wednesday it is working on an update for a software flaw that could allow attackers to siphon personal data from a phone. The vulnerability affects Samsung’s S2 and S3 phones and several models of its Galaxy line, ...
Graphics chip maker Nvidia released a new version of its Unix driver on Friday in order to address a high-risk vulnerability that can be exploited by local users to gain root privileges on Linux systems. The privilege escalation ...
Tags: graphics chip, Nvidia, Unix driver, high risk vulnerability
Criminals are sending malicious emails that purport to come from payroll services firms in order to infect with malware the computers of payroll administrators from various companies, according to researchers from the SANS Internet Storm ...
Tags: criminals, malicious emails, payroll services firms, ISC
Microsoft today announced it will deliver seven security updates, one critical, to patch 20 vulnerabilities in Office, SharePoint Server, SQL Server, Windows and other parts of its product lineup. "It looks like an Office month," said ...
Tags: Microsoft, security updates, vulnerabilities, Office, SharePoint Server