Hackers infect MySQL database servers with a malware program that's used to launch distributed denial-of-service (DDoS) attacks.
Google wants Symantec to publicly disclose all the certificates it issues and to undergo a third-party security audit after an incident involving the CA issuing unauthorized certificates as part of internal testing.
The U.S. Copyright Office added security research on cars and medical devices to the list of exemptions from the rules prohibiting the circumvention of access controls that are used to protect works.
South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.
Less than four hours after a critical vulnerability was patched in Joomla, security firms already detected attacks exploiting the flaw.
The head of a German Federal Chancellery unit reportedly had his laptop infected with Regin, a cyberespionage program believed to be used by the U.S. National Security Agency and its closest intelligence allies.
A Russian cyberespioange group tried to infiltrate the international investigation into the crash of Malaysia Airlines Flight 17 (MH17) that was shot down by a missile over Ukraine in July 2014.
A recently detected distributed denial-of-service (DDoS) attack was launched from 900 compromised CCTV cameras that were hijacked by hackers.
Mozilla is considering banning digital certificates signed with the SHA-1 algorithm in July 2016.
Oracle fixed a vulnerability in Java that a Russian cyberespionage group used to launch stealthy exploits against NATO member countries earlier this year.
The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.
Google will require Android devices capable of decent cryptographic performance to enable full-disk encryption by default in order to be declared compatible with Android 6.0.
Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.
The Cisco AnyConnect Secure Mobility Client was updated to fix vulnerabilities that could allow attackers to gain system or root privileges on Windows, Linux and Mac OS X computers.
Newly discovered vulnerabilities in the way Android processes MP3 and MP4 files can allow attackers to compromise devices by tricking users to visit specifically-crafted Web pages. Meet Stagefright 2.0.