Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.
Stories by Lucian Constantin
Cybercriminals are controlling malware on Android devices through a Google service that enables developers to send messages to their applications, according to security researchers from antivirus vendor Kaspersky Lab.
Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol.
Mobile ad networks can provide a loophole to serve malware to Android devices, according to researchers from security firm Palo Alto Networks who have found new Android threats being distributed in this manner.
The Chinese hacker group that broke into the computer network of The New York Times and other high-profile organizations, including defense contractors, has launched new attacks following a few months of inactivity, according to researchers from security vendor FireEye.
An increasing number of Android phones are infected with mobile malware programs that are able to turn the handsets into spying devices, according to a report from Kindsight Security Labs, a subsidiary of telecommunications equipment vendor Alcatel-Lucent.
Cisco Systems released a security patch for its Unified Communications Manager (Unified CM) enterprise telephony product in order to mitigate an attack that could allow hackers to take full control of the systems. The company also patched denial-of-service vulnerabilities in its Intrusion Prevention System software.
Aiming to better address the security needs of businesses of all sizes that are facing increasingly complex attacks, McAfee has added two endpoint security suites to its product lineup.
The amount of cybercriminal activity associated with the Zeus family of financial Trojan programs has increased during the past few months, according to security researchers from antivirus vendor Trend Micro.
Security researchers have identified multiple samples of the recently discovered "KitM" spyware for Mac OS X, including one dating back to December 2012 and targeting German-speaking users.
Adobe has released scheduled security updates for its Reader, Acrobat, Flash Player and ColdFusion products on Tuesday in order to fix many critical vulnerabilities, including one that is already actively exploited by attackers.
Security vendor Sophos has released an update for the software used on its Web gateway security appliance in order to address three serious vulnerabilities in the product's Web-based user interface.
Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits currently used in popular Web attack toolkits, according to statistics published Monday by security vendor Websense.
Kaspersky Lab's Internet Security 2013 product contains a bug that can be exploited remotely, especially on local networks, to completely freeze the OS on computers running the software.
A security researcher has found a loophole in how the HTML5 Web Storage standard is implemented in the Google Chrome, Internet Explorer and Apple Safari browsers that could allow malicious websites to fill visitors' hard disk drives with large amounts of junk data.
Nominations Close on June 12
VIRTUAL EVENT - Thursday, June 18 - Registrations Open