Network Security

Network Security news, trend analysis and opinion

Enterprise Annexation of Endpoint Security

Malware detection, prevention, and response activities are quickly bringing endpoint and network security together.

'Tiny banker' malware targets US financial institutions

Its source code was leaked in July, which may have broadened its use among cybercriminals


Open-source project promises easy-to-use encryption for email, instant messaging and more

Pretty Easy Privacy system aims to make encryption of written online communication accessible to masses

Data protection authorities find privacy lapses in majority of mobile apps

One in three applications request excessive permissions, and privacy information is inadequate in 85 percent of them, a study found

Vulnerability in popular Joomla e-commerce extension puts online shops at risk

The security issue might affect other extensions as well, researchers from Sucuri said

Five million Gmail addresses and passwords dumped online

The data was not likely stolen from Google, but from other websites, researchers said

Microsoft Patch Tuesday thwarts nosey malware

This month's round of Patch Tuesday updates includes a critical fix for Internet Explorer

Adobe fixes critical flaws in Flash Player, delays Reader and Acrobat updates

The new Flash Player update patches 12 vulnerabilities, many of which could allow remote code execution

Encryption failures fixed in popular PGP email security tool Enigmail

Users of Enigmail 1.7 are advised to upgrade to version 1.7.2 as soon as possible

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

Home Depot confirms breach of its payment systems

Customers will not be held responsible for fraudulent charges, the company said

Popular Android apps fail basic security tests, putting privacy at risk

Instagram and Grindr stored images on their servers that were accessible without authentication

Cyberespionage group starts using new Mac OS X backdoor program

The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

Hackers exploit critical vulnerability in popular WordPress theme component

WordPress admins should check if their sites use the Slider Revolution plug-in and update it immediately, researchers said

Twitter launches bug bounty program

The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps

Attack hijacks DNS settings on home routers in Brazil

Attackers use cross-site request forgery techniques to change router settings when users visit malicious websites

Hackers make drive-by download attacks stealthier with fileless infections

New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found

Why hackers may be stealing your credit card numbers for years

Hackers may have the upper hand for years as the retail industry slowly upgrades its systems, analysts said

Reconnaissance code on industrial software site points to watering hole attack

Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said

Load More