Microsoft has started offering protection against potentially unwanted applications in its anti-malware products for enterprise customers.
Users who have Dell Windows-based laptops, desktops, tablets and other devices that were bought before August should check if their systems have the self-signed eDellRoot certificate that can compromise their private communications.
Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH host keys or HTTPS server certificates.
For the third time in less than six months PC manufacturer Lenovo has had to update the System Update tool pre-loaded on some of its products for security reasons.
After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool.
In an attempt to provide a more streamlined remote support experience, Dell installed a self-signed root certificate and corresponding private key on its customers' computers, exposing users' encrypted communications to potential spying.
Users are reporting that some Dell laptops sold recently come preloaded with a self-signed root digital certificate that lets attackers sniff traffic to any secure website.
A well-known adware program called Vonteera prevents users from installing antivirus products by artificially blacklisting their digital certificates in Windows.
An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them.
VirusTotal, the most widely used online file scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.
Adobe fixed important vulnerabilities in its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app.
Microsoft combines the attack protection, detection and response features built into Windows 10, Office 365, Azure and the Microsoft Enterprise Mobility Suite to help enterprises improve their operational security posture.
Thousands of mobile applications use cloud-based, back-end services in an insecure way, allowing anyone to access millions of sensitive records created by users, according to a recent study.
Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts into over 100 websites visited by business executives, diplomats, government officials and academic researchers.
A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.