Viry a Červi

Researchers warn users of several plugins to update as vulnerabilities are being actively exploited to redirect website visitor traffic.

Solution Centre WONTFIX amid EOL date shenanigans

Not only has a vulnerability been found in Lenovo Solution Centre (LSC), but the laptop maker fiddled with end-of-life dates to make it seem less important – and is now telling the world it EOL'd the vulnerable monitoring software before its final version was released.…

From a backdoor placed in the Webmin utility to vulnerability disclosure drama around zero-days in Valve's Steam gaming clients, Threatpost breaks down this week's top stories.

Security researchers at Pen Test Partners have found a privilege escalation flaw in the much-maligned Lenovo Solution Center software.

27-year-old also shipped weed, flogged 'how-to' fraud guides

A hacker from Kent, England, has handed over almost a million quid in Bitcoin following a lengthy police investigation.…

If the phishing page looks OK, and it has an HTTPS padlock, how are you supposed to spot phishes these days? Read our tips...

Multiple celebs fell for this one. Don't believe them - it's as much as a hoax as it's always been.

Cisco just issued some urgent patching homework in the form of 31 security fixes, 4 of them for flaws rated ‘critical’.

Standard enables more security key options with passwordless a future possibility

GitHub has announced support for the Web Authentication (WebAuthn) security standard.…

Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening

Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for vulnerabilities in Steam after the corporation refused to pay out bug bounties for the flaws.…

Disclaimer: No advertisers were harmed in making this project

On Thursday, Google reminded everyone who might have forgotten that "privacy is paramount to us" and announced an initiative called "Privacy Sandbox" that proposes paving over a few privacy pitfalls without suffocating its ad business.…

Employees at Portland Public Schools were breathing easier this week after thwarting a business email compromise (BEC) scam that could have cost them almost $3m.

Google introduced a new initiative that it hopes will fight shady online advertising practices such as digital fingerprinting.

Microsoft has given audio clips to contractors for years, but it says it recently stopped. ... For the most part.

Could a simple automated scan have picked up open-source nasty? Hmm

Android spyware – open-source spyware, no less – has found its way onto the Google Play store, according to researchers from ESET.…

Willie Sutton and mobile attackers have much in common -- but defenses have evolved since the famous bank robber had his heyday.

The app purported to stream music - but actually siphoned victims' device contacts and files.

You can make your own joke about foxes and hen houses...

The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data.…

Episode 5 of the Naked Security Podcast is now live - listen now!

The new feature “disconnects,” but doesn't delete, your browsing history. Facebook will still use it for analytics.