Exploits / vulnerabilities - News, Features, and Slideshows
Google plans to remove support for the aging Secure Sockets Layer (SSL) version 3.0 protocol in Google Chrome 40, which is expected to ship in about two months.
The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities.
Users of Drupal, one of the most popular content management systems, should consider their sites compromised if they didn't immediately apply a security patch released on Oct. 15.
Since 2011 a group of attackers has been targeting companies that operate industrial control systems with a backdoor program called BlackEnergy.
Russia is likely behind a long-running computer spying campaign, although the stealthy attacks leave fewer clues than other state-sponsored attacks, according to a new report from FireEye.
- Farmers shut out of online services by new identity scheme
- Facebook says you can be social and secure, acquires .onion address for Tor users
- Swedish hacker finds 'serious' vulnerability in OS X Yosemite
- Court rules cops can demand fingerprints, not passcodes, to unlock smartphones
- Twitter's MoPub ad exchange grabs Verizon tracking cookies, and more may follow