Facebook has patched a serious vulnerability that could have allowed attackers to easily gain access to private user account data and control accounts by tricking users into opening specifically crafted links, a Web application security researcher said late Thursday.
Twitter has implemented DMARC, a standard for preventing email spoofing, in order to make it harder for attackers to send phishing emails that appear to come from twitter.com addresses.
Adobe released emergency patches for Adobe Reader and Acrobat 11, 10, and 9 Wednesday that address two critical vulnerabilities being actively exploited by attackers.
Oracle released new Java security updates on Tuesday and announced plans to accelerate the release of future Java patches following recent attacks that have infected computers with malware by exploiting zero-day vulnerabilities in Java browser plug-ins.
A recently found exploit that bypasses the sandbox anti-exploitation protection in Adobe Reader 10 and 11 is highly sophisticated and is probably part of an important cyberespionage operation, Kaspersky says.
Researchers from security firm FireEye claim that attackers are actively using a remote code execution exploit that works against the latest versions of Adobe Reader 9, 10 and 11.
Political activists from the Middle East were targeted in attacks that exploited a previously unknown Flash Player vulnerability to install a so-called lawful interception program designed for law enforcement use, security researchers from antivirus vendor Kaspersky Lab said Tuesday.
Financial malware authors are trying to evade new online banking security systems by returning to more traditional phishing-like credential stealing techniques, according to researchers from security firm Trusteer.
A new exploit kit called Whitehole has emerged on the underground market, providing cybercriminals with one more tool to infect computers with malware over the Web, security researchers from antivirus vendor Trend Micro reported Wednesday.
Many Kaspersky customers were unable to access any websites on their computers Monday, due to a faulty antivirus update.
Hackers behind a recently detected email attack campaign exploited a vulnerability in a Yahoo website to hijack the email accounts of Yahoo users and use them for spam.
Hackers behind a recently detected email attack campaign are exploiting a vulnerability in a Yahoo website to hijack the email accounts of Yahoo users and use them for spam, according to security researchers from antivirus vendor Bitdefender.
Developers of the Ruby on Rails Web development framework released versions 3.0.20 and 2.3.16 of the software on Monday in order to address a critical remote code execution vulnerability.
Tens of millions of network-enabled devices including routers, printers, media servers, IP cameras, smart TVs and more can be attacked over the Internet because of dangerous flaws in their implementation of the UPnP (Universal Plug and Play) protocol standard, security researchers from Rapid7 said Tuesday in a research paper.
Representatives of newly launched file-storage and sharing service Mega addressed some concerns raised by security researchers about the site's architecture and the implementation of its cryptographic features.