Apache Struts security update disables vulnerable feature
A new version of the Apache Struts development framework released Friday fixes two problems that had developers worried.
Stories by Lucian Constantin
Rogue hardware used in attempted cyberheist at Santander bank branch
A criminal gang attempted to plant a rogue hardware device on the network of a Santander bank branch in London to remotely control a computer and steal money.
Oracle adds long-awaited whitelisting capabilities to Java
Oracle added a feature in Java that lets companies control what specific Java applets are allowed to run on their endpoint computers, which could help them better manage Java security risks.
Cyberspies attack key South Korean institutions, North Korean hackers suspected
South Korean organizations that conduct research on international affairs, national security and Korean unification are under siege from cyberspies whose attack may have its origins in North Korea.
Adobe issues critical security updates for Flash Player, Reader and Shockwave Player
Adobe released security updates for Flash Player, Adobe Reader and Shockwave Player on Tuesday to address critical vulnerabilities that could allow attackers to take control of systems running vulnerable versions of those programs.
Fingerprint sensor in iPhone 5S is no silver bullet, researchers say
The fingerprint sensor in Apple's new iPhone 5S has the potential to enhance the security of the device, but the devil will be in the details.
Email spam campaign distributes Android scareware
Android malware is following in the footsteps of Windows malware with attackers adopting some of the same distribution and monetization techniques despite the major differences between the platforms.
Leaked US spying budget reveals investments in 'groundbreaking' cryptanalysis
The U.S. intelligence community is reportedly using a fifth of its US$52.6 billion annual budget to fund cryptography-related programs and operations.
vBulletin users warned of potential exploit
The developers of the popular vBulletin commercial Internet forum software are investigating a potential exploit and advised users to delete the "install" directory from their deployments as a precaution.
Cisco fixes critical remote command execution vulnerability in Secure Access Control Server
Cisco Systems released security patches for Secure Access Control Server (Secure ACS) for Windows to address a critical vulnerability that could allow unauthenticated attackers to remotely execute arbitrary commands and take control of the underlying...
Spear phishing led to DNS attack against the New York Times, others
The cyberattack that resulted in nytimes.com and some other high-profile websites being inaccessible to a large number of users Tuesday started with a targeted phishing attack against a reseller for Melbourne IT, an Australian domain registrar and IT...
Cybercrime service automates creation of fake scanned IDs, other identity verification documents
A new Web-based service for cybercriminals automates the creation of fake scanned documents that can help fraudsters bypass the identity verification processes used by some banks, e-commerce businesses and other online services providers, according t...
Report: NSA broke into UN video teleconferencing system
The U.S. National Security Agency reportedly cracked the encryption used by the video teleconferencing system at the United Nations headquarters in New York City.
Mozilla considers rejecting long-lived digital certificates following similar decision by Google
Mozilla is considering the possibility of rejecting as invalid SSL certificates issued after July 1, 2012, with a validity period of more than 60 months. Google already made the decision to block such certificates in Chrome starting early next year.
Popular download management program has hidden DDoS component, researchers say
Recent versions of Orbit Downloader, a popular Windows program for downloading embedded media content and other types of files from websites, turns computers into bots and uses them to launch distributed denial-of-service (DDoS) attacks, according to...
Latest News Articles
- Laser points to value with new smartwatch
- Apple’s App Store Best of 2020 includes old favorites, pandemic essentials
- Why Snapdragon 888 could be the end of Qualcomm’s U.S. dominance
- Inside the Snapdragon 888: The features you'll find in 2021's premium phones
- ClearVPN review: The stream is the thing
Most Popular Articles
- 1 Nvidia GeForce RTX 3060 Ti Founders Edition review: Spectacular 1440p gaming
- 2 iPhone 12 vs Android’s best: It’s time to consider switching phones
- 3 Asus TUF GeForce RTX 3060 Ti review: Stone cold, dead silent
- 4 Where is the Qualcomm Snapdragon that will challenge Apple's M1 Macs?
- 5 Wyze Noise-Cancelling Headphones review: Startlingly affordable
Resources
Macworld
What's new, plus best mac-related tips
and tricks
Business Centre
The latest business news, reviews, features and whitepapers
Videos
Watch our video news and reviews from around the world
Guides
Comprehensive buying guides, features, and step-by-step articles
Featured Content
- Why do gamers like RGB Lights?
- Sonos Arc review: The Main Event
- Umurangi Generation review: Evangelion Meets Pokémon Snap
- Intel Core i3 vs i5 vs i7: find out which cpu is better
- Laser vs. inkjet printers: which is better?
