Danish vulnerability management company Secunia aims to make the task of reporting software vulnerabilities easier for security researchers by offering to coordinate disclosure with vendors on their behalf.
Security researchers from the CrySyS laboratory in Hungary have located an installer for Duqu, the <a href="http://www.pcworld.com/businesscenter/article/242114/duqu_new_malware_is_stuxnet_20.html">Stuxnet-inspired threat</a> that has kept the security industry on its toes for the past couple of weeks, and determined that it exploits a previously unknown vulnerability in the Windows kernel.
Researchers from Stanford University have developed an automated tool that is capable of deciphering text-based anti-spam tests used by many popular websites with a significant degree of accuracy.
A newly identified Mac OS X Trojan bundles a component that leverages the processing power of video cards (GPUs) to generate Bitcoins, a popular type of virtual currency.
A serious code injection vulnerability affecting timthumb, a popular image resize script used in many WordPress themes and plugins, has been exploited in recent months to compromise over 1 million Web pages.
The frequency of attacks that distribute fake antivirus software, a long-time pillar of the underground economy, has decreased considerably in recent months. However, security researchers warn that the industry is not yet dead and new versions of attacks continue to be released.
New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim's browser.
Czech based free domain provider dotFree Group has settled the lawsuit brought against it by Microsoft in the Kelihos takedown case by suspending all abusive hosts registered through its service and promising better collaboration in the future.
Security vendor Kaspersky Lab has identified infections with the new Duqu malware in Sudan and, more importantly, Iran, the main target of the Trojan's predecessor -- Stuxnet.
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.
A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security researchers from Finnish antivirus vendor F-Secure.
Microsoft's official YouTube channel was hijacked on Saturday and all videos hosted on it were temporarily removed. The hacker replaced them with others claiming that Microsoft is holding a contest.
A weakness in XML Encryption can be exploited to decrypt sensitive information, researchers say.
Experts from security vendor ESET warn that TDL4, one of the most sophisticated pieces of malware in the world, <a href="http://blog.eset.com/2011/10/18/tdl4-rebooted">is being rewritten and improved</a> for increased resilience to antivirus detection.