Researchers say BlackNurse attacks are low bandwidth (18Mbps) and can still knock offline many of today’s firewalls.

Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover.

Siemens is warning customers of a local privilege escalation vulnerability that leaves over a dozen models of its SCADA equipment open to attack.

An issue in iOS WebView that is trivial to exploit can give an attacker the ability to trigger phone calls from a targeted device, researcher Collin Mulliner said.

Google’s Safe Browsing program expands to include “Repeat Offender” websites in blacklisting program.

A phishing campaign is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015.

Microsoft extended the end of life deadline on EMET to July 2018, but experts say its usefulness as a mitigation toolkit has been limited for some time.

Security experts monitoring cyber-chatter for virtual and real-world threats against U.S. Election Day targets don’t believe there will be cyberattack or al-Qaeda terror attack this Tuesday.

Adobe again released a security update for Flash Player, patching nine remote code execution vulnerabilities. Adobe Connect for Windows was also updated.

Google’s November Android Security Bulletin patched 15 critical vulnerabilities, but only a supplemental patch for the Dirty Cow Linux vulnerability.