Google Chrome, the world’s most popular web browser, is banging another nail into Adobe Flash’s coffin… in preference for HTML5.
The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.
Web servers around the world are at risk from a serious security vulnerability, dubbed the DROWN attack, which could allow hackers to steal private information.
Yes, you should keep your online store patched – but please be sure that the patch you are installing isn’t itself malicious.
Don’t just delete the malicious code on your web server. Determine how it got there in the first place if you want to prevent future attacks.
Computer security vendors have been told to raise their game at the Virus Bulletin conference in Prague, and work more closely with vulnerability researchers.
One of the big malware stories of the last few days has been the discovery that legitimate developers had uploaded apps to Apple’s App Store, without realising that their code had been compromised.
The malicious code, known as XcodeGhost, managed to insert itself into the developers’ apps via a circuitous route.
In the last few years extortion has hit computer users, big time.
Consumers and businesses alike are finding themselves locked out of their computers, or prevented from accessing their valuable data, by ransomware attacks that demand a payment be made to online criminals.
But normally when these malicious attacks are described,
Android security flaws have become more frequent in the news lately. At least one of them, Stagefright, has been quite severe. The worst part is now that these vulnerabilities have publicly disclosed, everyone including cybercriminals are aware of them. The details needed to compromise devices have been published by every level of media,
A cross-site scripting (XSS) flaw on PayPal’s website could have been used by hackers to phish for your login credentials, and even steal your unencrypted card details.
But thankfully the vulnerability was found by a responsible researcher, who informed PayPal about the problem and helped the web’s most popular payment service from being embarrassed by a massive security gaffe.
Industrial Control Systems (ICS) are the computer systems and networks used to control industrial plants and infrastructures. The term includes Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), and Programmable Logic Controllers (PLC).
These systems are used in many sectors classified as critical by the U.S. and other governments.
Here’s a very important lesson for system administrators and developers who don’t want data to fall into the wrong hands: change the default settings, or risk leaving your organisation’s servers open to access by unauthorised, external parties.
A study by researchers at Swiss security firm BinaryEdge has scanned the internet on various ports,
Industrial Programmable Logic Controllers (PLCs) are devices used to control key manufacturing and infrastructure systems around the world. A PLC is a fully customizable device which can take just about any data in, perform any combination of logical operations on it, and create an almost unlimited number of output scenarios. They’re common on manufacturing lines to control production machinery.
Yesterday was Patch Tuesday, and – as Optimal Security’s Russ Ernst described – Microsoft released fixes for a smorgasbord of vulnerabilities.
Obviously, it’s important that you roll out the patches as soon as possible, and ensure that your computers and networks are protected against threats which malicious hackers could use to target your systems,