Important Flash Update: Addressing CSRF Vulnerability in User Accounts
Get cracking with the latest Flash upgrade, because the vulnerability it patches is a peach, allowing a cross-site request forgery (CSRF) attack for stealing user credentials.
The Social Security numbers of roughly 18,000 California physicians and health-care providers were inadvertently made public after a slip-up at health insurance provider Blue Shield of California, the organization said Monday.
Washington DC-area residents with a hankering for lion meat lost a valuable source of the (yes, legal) delicacy last year when a restaurant called the Serbian Crown closed its doors after nearly 40 years in the same location. The northern Virginia eatery served French and Russian cuisine in a richly appointed dining room thick with old world charm.
Unix-based systems, as used worldwide by sysadmins and cloud providers alike, could be hijacked by hackers abusing a hard-coded vuln that allows them to inject arbitrary commands into shell scripts executed by high-privilege users.
Researchers have warned of a vulnerability present on an estimated 10 percent of Android phones that may allow attackers to obtain highly sensitive credentials, including cryptographic keys for some banking services and virtual private networks, and PINs or patterns used to unlock vulnerable devices.
THE perpetual cat-and-mouse game between computer hackers and their targets is getting nastier. Cybercriminals are getting better at circumventing firewalls and antivirus programs. More of them are resorting to ransomware, which encrypts computer data and holds it hostage until a fee is paid.
An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an advisory published Thursday warned.
The FBI announced Wednesday the capture of an alleged member of NullCrew, an organization responsible for cyber-attacks against universities, government agencies and corporations. The suspect, Timothy French, was arrested in Tennessee last Wednesday.
Woe to the once-hallowed trickster. In ancient mythologies, the riddler-thief and agent of change held a position of prestige. Now, we don
A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company's backups.
Direct Memory Access (DMA) is a controller feature that has been available at least since the original IBM PC. It can be used by hackers to compromise your otherwise very heavily protected computer. Fortunately, there are steps you can take to minimize DMA-based attacks.
A couple of 14-year-old computer whizzes have the Bank of Montreal upgrading its security after the teens hacked an ATM machine. Matthew Hewlett and Caleb Turon, both Grade 9 students, found an old ATM operators manual online that showed how to get into the machine's operator mode.
Dismantling one of the world's most insidious computer viruses required complex and fast-paced tactics that will be the blueprint for U.S. law enforcement's future cyberbattles.
A hard-to-track hacking group, known to use zero-day attacks, changed tack to use social media in an attempt to compromise an employee of an energy company, according to new research from FireEye.
The hacker collective Anonymous and its factions LulzSec and AntiSec drew widespread attention between 2008 and 2012 as they tore loudly through the internet ruthlessly hacking websites, raiding email spools, exposing corporate secrets and joining the fight of the 99 percent.
Chinese hacking of American computer networks is old news. For years we've known about their attacks against U.S. government and corporate targets. We've seen detailed reports of how they hacked The New York Times. Google has detected them going after Gmail accounts of dissidents.
Like a crowbar, security software tools can be used for good and evil. Bootleg versions of a powerful tool called "Card Recon" from Ground Labs, which searches for payment card data stored in the nooks and crannies of networks, have been appropriated by cybercriminals.
The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can be bypassed on around half of computers that have the feature enabled in order to install bootkits, according to a security researcher.
Tens of thousands of pirate gamers have been enslaved in a Bitcoin botnet after downloading a cracked copy of popular game Watch Dogs.