A new technique allows attackers to hide malicious code inside digitally signed files without breaking their signatures and then to load that code directly into the memory of another process.
After years of reluctance to pay researchers for exploits, Apple has given in and is ready to hand out up to US$200,000 for critical vulnerabilities found in the latest version of iOS and the newest iPhones.
The communications between card readers and point-of-sale systems is not secure and attackers can tap them to steal payment card data and even PIN numbers.
Millions of point-of-sale systems and hotel room locks can be hacked by temporarily placing a small, inexpensive device several inches away from their card readers.
Over the past few months, cybercriminals have set up a large number of malicious domains and servers in Brazil in anticipation to the Rio 2016 Olympics.
A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks.
Security researchers have shut down a large-scale malvertising operation that used sophisticated techniques to remain undetected for months and served exploits to millions of computers.
The future versions of Android will be more resilient to exploits thanks to developers' efforts to integrate the latest Linux kernel defenses into the operating system.a
The creators of the Petya and Mischa ransomware programs leaked around 3,500 RSA private keys allegedly corresponding to systems infected with another ransomware program called Chimera.
A cyberespionage group known for targeting diplomatic and governmental institutions has branched out into many other industries, including aviation, broadcasting, and finance, researchers warn.
Smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile devices.
Security researchers have released tools this week that could help users recover files encrypted by two relatively new ransomware threats: Bart and PowerWare.
Dell has patched several critical flaws in its central management system for SonicWALL enterprise security appliances, such as firewalls and VPN gateways.
Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday also affect products from third-party software vendors, including Microsoft.
Oracle has released a new batch of security updates for over 80 products from its software portfolio in order to fix 276 vulnerabilities.