IBM, Hewlett-Packard (HP) and Microsoft led the list of companies that failed to patch vulnerabilities within six months of being notified by the world's biggest bug bounty program, according to HP TippingPoint's Zero-Day Initiative (ZDI).
Two newly discovered vulnerabilities in Adobe's Flash Player can be exploited to execute arbitrary code remotely, according to <a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4694">advisories</a> from the U.S. Computer Emergency Readiness Team (US-CERT) and various security research companies.
U.S. and Russian antivirus vendors took shots at each other as they quarreled over a recent report of a cyber campaign that allegedly infiltrated scores of Western governments, organizations and corporations.
Google has taken the unprecedented step of warning millions of users whose PCs it believes are infected with fake security software and other malware, the company said yesterday. But some security experts are leery of Google's move.
Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said today.
Last month's hack of RSA Security began with an exploit of a then-unpatched vulnerability in Adobe Flash Player, the company confirmed Friday.
The continuing failure by most enterprises to encrypt sensitive data stored on laptops and other mobile devices is inexcusable, analysts said following BP's disclosure this week of a <a href="http://www.computerworld.com/s/article/9215316/BP_employee_loses_laptop_containing_data_on_13_000_oil_spill_claimants">data compromise involving a lost laptop</a> .
The relatively scant information released by EMC's RSA security group on Thursday in connection with the theft of SecurID authentication technology code is fueling considerable speculation about the nature of the breach and its impact on enterprises.
SAN FRANCISCO -- Acknowledging that security technologies to prevent cyberattacks are insufficient, several vendors at the RSA Conference here urged companies that are making security plans to assume that at some point, they will be breached.
Adobe yesterday patched 29 vulnerabilities in Reader, it's PDF viewer, and 13 more in Flash, the popular Web media browser plug-in, as part of an even larger quarterly security update.
Intel's chief technology officer says the chip maker is developing a technology that will be a security game changer.
The passive keyless entry and start (PKES) systems supported by many modern cars are susceptible to attacks that allow thieves to relatively easily steal the vehicles, say security researchers at Switzerland's ETH Zurich University.
BOSTON -- Research in Motion will launch a cloud-based capability for its popular BlackBerry Enterprise Server by the end of 2011, RIM officials said Thursday.
Smart card vendor Gemalto introduced a new credit card Wednesday that's capable of generating one-time-passwords (OTP) for electronic banking and payment transactions.
Microsoft today patched 11 vulnerabilities, including one in Office that hackers will quickly exploit to launch drive-by attacks, said security experts.