Approximately 75 percent of the mobile applications scanned exhibited at least one critical or high-severity security vulnerability, compared to 35 percent of non-mobile applications.
Google has released a security update to Nexus devices through an over-the-air (OTA) update as part of its Android Security Bulletin Monthly Release process.
Clair is an API-driven analysis engine that inspects containers layer-by-layer for known security flaws.
Researchers have developed a technique that allows an attacker use an account on Amazon Elastic Compute Cloud (EC2) to steal cryptographic keys of other AWS users.
Nearly 95 percent, or 950 million, Android devices are affected by this "scary" vulnerability, according to researchers.
This vulnerability is rated as critical since it can provide an attacker with persistent root access to a computer that may survive any disk wipe or operating system reinstallation.
One of the most common cyberattack vectors on SAP systems is the use of pivots between different systems. The attack begins with a pivot from a system with lower security to a critical system in order to execute remote function modules in the destination system.
An old weakness in Microsoft's Windows operating system could theoretically allow hackers to steal login credentials from hundreds of millions of PCs.
According to Greyhound Research, Microsoft Office 365 continues to rate weak on SSL3.0 Security Vulnerability.
While the high level vulnerabilities were divided equally (50 percent) between the two operating systems, among the critical ones Apple iOS was found to be much more vulnerable at 67 percent in comparison to Android which stood at 33 percent.
Since Shellshock targets UNIX-based machines, organisations should harden their servers. This can be done by implementing a 'least privilege' strategy and preventing unlimited root shell accesses.
All versions of PAN-OS and Panorama include the vulnerable version of Bash, but we've determined the issue is only exploitable by authenticated users, says the security company.
Known as the 'Bash Bug' or 'Shellshock', the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.
As cyber attacks increase in volume and severity, QRadar Vulnerability Manager helps identify, sort, contextualise and prioritise network vulnerabilities.
A United Nations group that advises nations on cybersecurity plans to send out an alert about significant vulnerabilities...
New research reveals vulnerabilities up nearly 20 percent.
Experts from Kaspersky Lab uncovered the hidden attack, which exploited a vulnerability in the teasers used by a number of popular Russian news sources.
Kernel.org was the first site to be hacked and similar vulnerabilities are likely to exist on some of the sister sites.
The latest victims of a hack attack are sites belonging to the Linux Foundation.