Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Malicious hackers are using rigged Microsoft Excel files to exploit a zero-day flaw in Adobe's ubiquitous Flash Player software.
Microsoft's inability to fix a troublesome browser vulnerability that dates back to 2004 has come back to haunt users of its flagship Internet Explorer browser.
Less that 24 hours after a team of researchers exploited a WebKit security hole to hack into RIM's BlackBerry smart phone, Google has issued a Chrome browser update to address the vulnerability.
Microsoft says the vulnerability used by researcher Stephen Fewer to exploit Internet Explorer 8 has already been fixed in the RC and RTM versions of Internet Explorer 9.
A currently ongoing malware campaign is brand-jacking DHL for malware-serving purposes.
A trio of security researchers used the spotlight of the CanSecWest Pwn2Own contest here to exploit multiple WebKit vulnerabilities in an impressive browser attack against a BlackBerry Torch 9800 smart phone.
Charlie Miller kept his Pwn2Own winning streak intact with another successful hack of an Apple product.
Threatpost.com editor Dennis Fisher talks to Pwn2Own winner Stephen Fewer about the contest, the challenge of attacking IE 8 and the utility of memory protections
Researchers from RSA's FraudAction Research Lab are reporting on a recently discovered new module within the popular crimeware SpyEye.
Using three different vulnerabilities and clever exploitation techniques, Irish security researcher Stephen Fewer successfully hacked into a 64-bit Windows 7 (SP1) running Internet Explorer 8 to win this year's CanSecWest hacker challenge.
A team of security researchers from the French pen-testing firm VUPEN successfully exploited a zero-day flaw in Apple's Safari browser to win this year's Pwn2Own hacker challenge.
With obvious eyes on this year's CanSecWest Pwn2Own hacker challenge, Apple today dropped two major security updates for Safari and iOS to fix more than 60 vulnerabilities that could be used to hijack Windows, Mac OS X or iPhone/iPod Touch devices.
In a perfect world, you will not just get a notification from your ISP about your participation in a botnet, you may easily get "quarantined" until you meet certain "security awareness" requirements combined with proof that you're no longer infected.
Apple has released a Java for Mac update to fix multiple security security vulnerabilities, some serious enough to expose Mac OS X users to remote code execution attacks.