The maintainers of the Openwall security enhanced Linux distribution have released a new stable version, which includes fixes for a number of serious vulnerabilities, such as the Shellshock Bash bug and the flaw in SSLv3 that leads to the POODLE attack. Openwall is designed to be a small, compact Linux distribution for servers, appliances and […]
President Obama signed an Executive Order sanctioning three North Korea defense agencies and 10 individuals for the country's alleged role in the Sony hack.
Google's Project Zero disclosed details of a Windows privilege elevation vulnerability. Google said it reported the to Microsoft but it has yet to be patched.
Researchers warn that since public disclosure of a file-upload vulnerability in the WordPress Symposium plug-in and the availability of proof-of-concept exploit code, scans and exploit attempts are on the rise.
Reports emerge suggesting a data breach may have occurred, compromising the payment card data of customers who dined at Chik-fil-A.
A new year begins at midnight and Threatpost highlights seven things you're bound to contend with in 2015.
A vulnerability was discovered and patched in a third-party service that handles resumes on Facebook’s careers page.
Researchers at the Chaos Computer Club conference in Hamburg presented research on the woeful state of security in 4G USB modems.
Researchers Tobias Engel and Karsten Nohl demonstrated serious vulnerabilities in the SS7 protocol for cellular service, putting the privacy of phone calls and users' location data at risk for intercept.
UPDATE: The website of the Internet Systems Consortium, the developers of the BIND DNS software deployed all over the Web, was reportedly infected with malware last week.
Published reports say hackers found a server unprotected by two-factor authentication in order to break in to JPMorgan over the summer and make off with data belonging to 76 million households and seven million businesses.
HP’s Zero Day Initiative has decided to adjust its guidelines and criteria or buying some vulnerabilities in the future, eliminating some large classes of bugs from its menu. The group, which has been among the more visible and prominent of the vulnerability purchasing programs since its inception several years ago, has decided that it will […]