Attackers used an authentication bypass vulnerability in Adobe’s ColdFusion software as a stepping stone in an attack that infected web servers with malware. Additional details about the attack emerged in recent days as researchers from Trustwave’s SpiderLabs continued to dig into reports of malware disguised as modules for Microsoft’s Internet Continue Reading

Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that advice, and that realisation often demoralises IT security professionals. Cyber attackers are, on the other hand, overjoyed that some users don’t Continue Reading

Microsoft on last Tuesday released fixes for critical vulnerabilities in Internet Explorer, Microsoft Office, SharePoint, and the Windows operating system, including patches for two different zero-day vulnerabilities. But it has yet to patch a zero-day vulnerability that was first spotted in late November. The fixes came as part of Microsoft’s Continue Reading

Google has a vision for how Chrome OS users will one day be able to lock and unlock their devices, without requiring a password. The Chromium OS team is building support for unlocking and locking devices running the operating system with a new Chrome API called “chrome.screenlockPrivate.” The API was Continue Reading

Google is reportedly looking into a problem with the latest versions of Nexus smartphones that could force the devices to restart, lock or fail to connect to the Internet. All Galaxy Nexus, Nexus 4 and Nexus 5 devices that run Android 4.0 contain a flaw that can render the phones Continue Reading