The disclosure of an Apache Struts 2 vulnerability made the framework a lucrative target and highlighted the importance of patch management.
Kaspersky Labs explained that the life of a computer worm exploit doesn't end with the release of a security patch. Stuxnet is one example.
Security researcher Xudong Zheng discovered a vulnerability in several popular web browsers that could enable fraudsters to mask phishing attacks.
A newly released Magento vulnerability comes with serious risk of total e-commerce compromise. Here's what businesses and shoppers need to know.
A new potential problem for ICS security stems from CODESYS, a hardware-independent middleware layer for programming IIoT and ICS devices.
To properly manage risk, security analysts must understand the threats and vulnerabilities that exist on their networks and assess their consequences.
Bug bounty programs are now paying out more to white-hat hackers, but they're also tightening regulations on payments and structure.
SAP HANA customers should invest in an active threat monitoring and detection solution, meaning SAP-specific threat vector detection.
As part of HackerOne's effort to improve open source security, the vulnerability disclosure firm made its bug bounty program available for free.
The Wireshark development team addressed dozens of vulnerabilities, segmentation flaws and bugs with the latest version of its network protocol analyzer.