Security

Adobe releases patch to fix Flash Player for Windows exploit

posted on January 27, 2015
by l33tdawg

Adobe released an important Flash Player patch to fix a vulnerability over the weekend affecting those who have the Flash Player plugin installed.

The vulnerability, labeled CVE-2015-0311, was featured in the “Angler Exploit Kit,” a toolkit that helps hackers initiate mass drive-by-download attacks. Drive-by-download attacks quietly put malware on your computer when you view malicious ads or visit unsecured websites.

OS X 10.10.2 will fix years-old Thunderbolt hardware vulnerability

posted on January 27, 2015
by l33tdawg

The so-called "Thunderstrike" hardware exploit was publicized late last year, but the hack takes advantage of a flaw in the Thunderbolt Option ROM first disclosed in 2012. Until now, that flaw hasn't been patched, but according to iMore, the latest beta of Apple's OS X 10.10.2 update fixes the problem.

According to people familiar with the software, OS X 10.10.2 prevents the Mac's EFI boot ROM from being replaced, and also makes it impossible to roll it back to a previous state.

A Look at Pentoo Linux and Its Security Analysis Tools

posted on January 23, 2015
by l33tdawg

There is no shortage of security-focused Linux distributions on the market, and among them is Pentoo Linux. While some security-focused Linux distributions concentrate on privacy, like Tails, others like Kali Linux and Pentoo focus on security research, providing tools that enable research and penetration testing. Pentoo Linux differentiates itself from other security Linux distributions in a number of ways.

Attacks using stolen credentials are on the rise

posted on January 23, 2015
by l33tdawg

Organizations are seeing a sharp increase in attacks using stolen account credentials, with crooks using new techniques to beat fraud detection systems, according to Gartner.

Gartner clients have reported a "significant rise" over the last two months in the use of stolen credentials to access accounts, wrote fraud expert Avivah Litan in a blog post Thursday.

Tesla Model S Hacked to Start Without Key

posted on January 23, 2015
by l33tdawg

A vulnerability in the Tesla Model S fully electric luxury car allows an attacker to unlock the vehicle, start the engine and drive away with it. The report is the second one from Chinese security company Qihoo 360 regarding the security of this particular Tesla model.

In a different demonstration, researchers managed to bypass the car’s protection systems and change the lock state, turn on the headlights, honk the horn, as well as open and close the sunroof.

China says Microsoft Outlook hacking allegations 'groundless'

posted on January 23, 2015
by l33tdawg

Allegations that Chinese authorities hacked into Microsoft Corp's (MSFT.O) Outlook email service are "groundless slander", the official Xinhua news agency quoted Beijing's cyberspace regulator as saying late on Thursday.

The comments, made by the Cyberspace Administration of China (CAC) spokesman Jiang Jun, were in response to a Monday report by an online censorship watchdog which said that Chinese users of the email service were subject to a hacking attack over the weekend.

Attackers are exploiting a zero-day vulnerability in Flash Player

posted on January 23, 2015
by l33tdawg

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.

The new exploit was observed in drive-by-download attacks launched with an exploit kit called Angler, according to an independent researcher who uses the online alias Kafeine.

Security Budgets Going Up, Thanks To Mega-Breaches

posted on January 22, 2015
by l33tdawg

Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds.

Mega-breaches like those at Target and Sony are good for one thing: they help security departments get greater buy-in and bigger budgets from the powers that be. In the wake of the Target breach, 61 percent of organizations increased their security budgets by an average of 34 percent in 2014, according to a study released today, conducted by the Ponemon Institute on behalf of Identity Finder, LLC.

Biometrics will spell the end for passwords by 2020

posted on January 21, 2015
by l33tdawg

Nearly half of people aged 16 to 24 foresee the end of passwords and PIN numbers by 2020 as biometric security takes over, according to research by Visa.

The research of 2,000 people revealed that 69 percent of respondents aged between 16 and 24 - dubbed 'Generation Z' - believe it will be easier and faster to use biometric identification than remembering passwords and PIN numbers.