The company updates the version of Struts included in its vCenter Operations Management Suite product.
An API and mobile app loophole allowed access to 2FA-enabled accounts with only a user name and password, researchers from Duo Security said
Despite visible progress, 2,000 servers with large amplification factors remain, a security vendor reports
Rootkits are again on the rise with the number of new samples reaching levels not seen since 2011, a McAfee report said
Attackers compromised ICS/SCADA vendor sites and altered software downloads to distribute the malware, researchers from F-Secure said
The Syrian Electronic Army compromised a third-party widget to redirect some Reuters.com visitors to a defacement page
Developers of the Modern Honey Network want to simplify deployment and monitoring of these threat-intelligence systems
A new version of Android for Nexus devices is primarily a security update that patches the bundled OpenSSL library
CodeSpaces.com shut down after a hacker gained access to its Amazon EC2 account and deleted most data, including backups
Someone blackmailed Nokia in 2007 by threatening to leak a digital key the company used to sign Symbian applications, a news report says.
A vulnerability in the engine used by many Microsoft antimalware products can lead to a persistent denial-of-service condition
A hardcoded encryption key allows recovering files held hostage by the Simplocker Android malware
A hacker earned over $600,000 by infecting network-attached storage devices with Dogecoin mining malware, Dell SecureWorks researchers said
A known critical vulnerability in OpenSSL can be exploited on over 20,000 of the Internet's top 155,000 SSL sites, a researcher from Qualys said
Project Galileo will help political and artistic websites resist censorship attempts that use distributed denial-of-service techniques