DNS server attacks begin using BIND software flaw
Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses.
Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses.
Attackers could exploit a new vulnerability in BIND, the most popular Domain Name System (DNS) server software, to disrupt the Internet for many users.
Millions of Web users could be vulnerable to an attack on their computer's DRAM via the Web, a surprising development that expands on a bug that has increasingly worried computer security experts.
A malicious application or Web page could be used to crash Android devices, in some cases persistently, due to a vulnerability in a multimedia processing component.
U.S. President Barack Obama should oppose legislation intended to let businesses share cyberthreat information with each other and with government agencies because the bill would allow the sharing of too much personal information, a coalition of digital rights groups and security experts said.
A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.
The vast majority of Android phones can be hacked by sending them a specially crafted multimedia message (MMS), a security researcher has found.
Companies often fail to hide if an email address is associated with an account on their websites, even if the nature of their business calls for this and users implicitly expect it.
Security researchers published limited details about four unpatched vulnerabilities in Internet Explorer because Microsoft has not moved quickly enough to fix them.
Developers of the popular WordPress blogging platform have released a critical security update to fix a vulnerability that can be exploited to take over websites.
A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses.
Italian surveillance software maker Hacking Team recently claimed that it hasn't lost any customers after the massive leak of its internal data two weeks ago. But it has lost at least one business partner: U.S.-based penetration testing specialist and zero-day exploit broker Netragard.
The leaked files from surveillance software maker Hacking Team have proven to be a great resource for cyberespionage groups, which have used at least two Flash Player exploits from the company's arsenal.
The Flash Player update released Tuesday not only fixed two vulnerabilities that were being targeted by attackers, but added additional protections that will make entire classes of security flaws much harder to exploit in the future.
There's an old saying in the security community: Attacks always get better. The latest case where that holds true is for the aging RC4 cipher that's still widely used to encrypt communications on the Internet.