Don't-Miss Business security Stories

Adobe warns customers of unpatched critical flaw in ColdFusion

Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.

Name.com forces customers to reset passwords following security breach

Domain registrar Name.com forced its customers to reset their account passwords on Wednesday following a security breach on the company's servers that might have resulted in customer information being compromised.

Hacking back: Digital revenge is sweet but risky

As cyberattacks increase, victims are fighting back. But retaliation has its own consequences—and may create more damage.

Researchers find hundreds of insecure building control systems

Intruders used to creep in through ventilation ducts. Now they break in using the software that controls the ventilation.

Highly critical vulnerability fixed in Nginx Web server software

The development team behind the popular Nginx open-source Web server software released security updates on Tuesday to address a highly critical vulnerability that could be exploited by remote attackers to execute arbitrary code on susceptible servers.

Stealthy Web server malware spreads further

A stealthy malicious software program is taking hold in some of the most popular Web servers, and researchers still don't know why.

malware

AutoIt scripting increasingly used by malware developers

AutoIt, a scripting language for automating Windows interface interactions, is increasingly being used by malware developers thanks to its flexibility and low learning curve, according to security researchers from Trend Micro and Bitdefender.

Use of 'honeywords' can expose password crackers

Researchers propose foiling password thieves by salting password databases with red herrings called 'honeywords.'

Pentagon accuses China government, military of cyberattacks

China's government and military appear to be directly involved in cyberattacks against the U.S., according to a report released Monday by the U.S. Department of Defense.

security

Aging networking protocols abused in DDoS attacks

Aging networking protocols still employed by nearly every Internet-connected device are being abused by hackers to conduct distributed denial-of-service attacks.

Why changing your LivingSocial password won’t save you

Changing your LivingSocial password is a good first step, but the attackers already have crucial information you can’t change or undo.

Security of hosted services is top priority for Adobe's first CSO

Adobe Systems has appointed Brad Arkin, the company's senior director of security for products and services, to become its first CSO. With a mature product security program already in place, the top priorities for Adobe's new security chief are to strengthen the security of the company's hosted services and its internal infrastructure.

Samsung delays launch of Knox Android security software until 'later date'

Samsung's Knox software is expected to give the company's Galaxy phones a seriously business-friendly boost, but it may be facing delays.