An SDN vulnerability forced OpenDaylight to focus on security
Open-source software projects are often well intended, but security can take a back seat to making the code work.
Open-source software projects are often well intended, but security can take a back seat to making the code work.
Cisco Systems released firmware updates for several routers and switches that run its IOS and IOS XE software in order to fix flaws in their autonomic networking infrastructure (ANI) feature.
The number of zero-day and Web browser vulnerabilities shot up in 2014, but overall software vendors are patching faster.
Cybercriminals are exploiting newly patched vulnerabilities faster, a sign that users and companies need to improve their software updating habits.
Security researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins.
The mystery high-severity flaw that people were expected to be fixed in OpenSSL is no Heartbleed, but it is serious and users should update.
Microsoft updated its Enhanced Mitigation Experience Toolkit (EMET), a free exploit prevention tool, to protect against attacks that attempt to bypass Internet Explorer's sandbox using VBScript.
New versions of OpenSSL will be released on Thursday to patch several security vulnerabilities, one of which is considered highly serious, according to the OpenSSL Project Team.
Over a million WordPress websites that use a popular plug-in to optimize their search engine results are at risk of being hacked if they don't apply a newly released patch.
If you patched your Windows computers in 2010 against the LNK exploit used by Stuxnet and thought you were safe, researchers from Hewlett-Packard have some bad news for you: Microsoft's fix was flawed.
A cryptographic library used in all Windows versions is affected by a recently disclosed vulnerability in SSL/TLS implementations that allows man-in-the-middle attackers to force clients and servers to use weak encryption. Internet Explorer and other programs using the library are affected.
As a result of reports received through its bug bounty program Facebook confirmed and fixed 61 high-severity vulnerabilities last year, almost 50 percent more than in 2013.
WordPress site owners using the WP-Slimstat plug-in installed should upgrade it to the latest version immediately in order to fix a critical vulnerability, security researchers warn.
Security researchers are urging users to install new Samba security updates in order to address a critical vulnerability that allows attackers to execute arbitrary code with root privileges.
Lenovo has admitted it "messed up badly" by pre-loading software on some consumer laptops that exposed users to possible attack, and said it will soon release a tool to remove it.