Hackers managed to steal a database containing customer credentials and contact information from PR Newswire, a major press release distribution service that's used by tens of thousands of companies and public relations agencies.
Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.
A security issue in some of D-Link routers could allow attackers to change the device settings without requiring a username and password. D-Link says it will address the problem with a firmware update by the end of the month.
The Brazilian Federal Data Processing Service, known as Serpro, will build a secure email system for Brazil's federal government following media reports that foreign intelligence agencies intercepted electronic communications in the country.
The Electronic Frontier Foundation, a digital rights watchdog, says it's dropping out of the Global Network Initiative because corporate members of that group can't reveal how the government may have forced them to cooperate with surveillance programs.
The vulnerability allows attackers to abuse the vBulletin configuration mechanism to create a secondary administrative account, the researchers said Wednesday.
Cisco Systems has released security patches for authentication bypass, command execution and denial-of-service vulnerabilities affecting products that use its Adaptive Security Appliance (ASA) software, as well as the Cisco Catalyst 6500 series switches and Cisco 7600 series routers.
The popular mobile messaging application WhatsApp Messenger has a major design flaw in its cryptographic implementation that could allow attackers to decrypt intercepted messages, according to a Dutch developer.
After arresting four men for drug offenses in connection with their involvement in Silk Road, U.K.'s new National Crime Agency promises that more arrests related to the Internet underground market will follow.
Russian authorities have arrested the main developer of the notorious Blackhole exploit kit, one of the most popular attack tools used to infect Web users with malware.
Hosting provider LeaseWeb became the latest high-profile company to have its domain name taken over by attackers, highlighting that DNS (Domain Name System) hijacking is a significant threat, even to technically adept businesses.
The developers of WHMCS, a popular client management, billing and support application for Web hosting providers, released emergency security updates Thursday to patch a critical vulnerability that was publicly disclosed.
Mozilla Persona allows users to verify their ownership of one or more email addresses and then use those addresses to authenticate on websites.
The U.S. National Security Agency's reported efforts to weaken encryption standards have prompted an encrypted communications company to move away from cryptographic algorithms sanctioned by the U.S. National Institute of Standards and Technology (NIST).
An exploit for a vulnerability that affects all versions of Internet Explorer and has yet to be patched by Microsoft has been integrated into the open-source Metasploit penetration testing tool, a move that might spur an increasing number of attacks targeting the flaw.