Attackers bypass defenses aganst macros with social engineering to install malware.
The company failed to fix a security flaw reported over a year ago, a developer said
In-flight Internet provider Gogo replaces the HTTPS certificates on sites like YouTube with self-signed ones.
The tool can disconnect Wi-Fi users and trick them into disclosing their access password to a rogue access point
Flaws in third-party software libraries often find their way into products, a problem that will occupy developers and sysadmins next year
The law could impact international businesses, as Romania is a hub for IT outsourcing and development
The rogue code will run in the boot ROM and will be hard to detect or remove, a researcher said
The flaw could be exploited to launch XSS and content spoofing attacks
The attackers stole an employee's access credentials and used them to access a server that lacked a stronger authentication mechanism
The group compromised computer networks and ATMs operated by financial institutions, as well as point-of-sale terminals
Systems administrators are urged to install critical patches that address remote code execution flaws in NTP
The new Chthonic Trojan borrows features from ZeuS and several of its spinoffs, researchers from Kaspersky Lab said
Malicious Git code repositories can execute rogue commands on client machines interacting with them
Attackers can take control of millions of routers by sending a specially crafted request to RomPager, an embedded Web server running on them
Spark is installed by a script written in AutoIt and scrapes card data from the memory of POS terminals