GitHub today announced that its suite of supply chain features is now available for the Go programming language. This includes the GitHub security database with over 150 Go advisories, Dependabot alerts and updates, and the dependency graph, which provides the information used to alert on vulnerable dependencies.
McAfee's Enterprise Advanced Threat Research (ATR) team has released a vulnerability disclosure for the Peloton Bike+ covering a flaw that could be used to gain remote access to the bike's tablet, camera, microphone and personal data - how did they do it?
Although it has been just over three weeks since the last updates for the iPhone, iPad and Apple Watch, and, in the last update, Apple TV's tvOS too, another update is out to defeat this vulnerability which "may have been actively exploited."
The number of APT groups "exploiting the latest Exchange vulnerabilities grows, with thousands of email servers under siege" according to security company ESET.
An update has been made available today for a memory corruption issue in which processing maliciously crafted web content may lead to arbitrary code execution on all those platforms.
Microsoft has released an additional patch to fix the Zerologon vulnerability that surfaced last year, having first issued a patch for the flaw in August 2020 and then updated it the following month.
GUEST OPINION: Reports suggest that cyber criminals have been more active than ever during the global pandemic, seeing the state of general upheaval as an opportunity to evolve and find new attack vectors.
A warning has been issued by the Israel National Cyber Directorate about a critical remote code execution flaw in the Drupal content management system.
Researchers at security firm Eclypsium have discovered a means whereby malicious code can be inserted during the boot-up process on a device running Linux, due to a flaw in the bootloader used: the grand unified bootloader otherwise known as GRUB, now in its second version.
According to unconfirmed reports, there is a hidden access 'backdoor' in the Siemens SIMATIC S7-1200 PLC (programmable logic controller) which would give attackers access to any device.
Researchers at AdaptiveMobile Security recently detected a new vulnerability that uses the configuration protocols used by a telco to provision a phone, making it essentially impossible for the user to block.
A script that mines for cryptocurrencies on Linux systems first needs to infect these systems, either by using brute force to guess SSH passwords or else by gaining entry through the use of stolen credentials that can be bought on dark web forums.
Open-source web platform Meteor has disclosed a recently discovered vulnerability which can break MongoDB protections.
When a disastrous ransomware attack, based on a five-year-old NSA-discovered vulnerability, is devastating computers across the globe, where’s Microsoft?
A 2014 vulnerability in OpenSSL is yet to be patched in about 200,000 Web-facing devices, according to figures from the Shodan search engine.
If you recently updated your iOS version to 9.3.3 and thought that was it until iOS 10, there’s an urgent update to iOS 9.3.4 for security you should get.
Four vulnerabilities have been discovered in premium Qualcomm LTE, 4G chipsets that can give an attacker complete control of an Android smartphone or tablet.
ICS-CERT has advised of a vulnerable SCADA system currently in use that cannot be patched.
What do you do when the US Department of Homeland Security warns Windows users to remove QuickTime? You do it.
A Kaspersky Lab tech expert has found ways to hack into medical devices in an attempt to explore security weaknesses and how to address them - the findings will make you ill!
I find it strange that things like watching streaming media such as Netflix or listening to music should be classified[…]
thanks for this post
There's a lot more in US District Judge Yvonne Gonzalez Rogers' decision than you have reported here. Apple won all[…]
I'm a retired proofreader with a lot of free time on my hands and would happily work as a moderator[…]
All this ruling does is clarify the situation and confirm the commonsense proposition that what has long been generally unlawful[…]