Oracle has addressed a long-standing security flaw in the Java Runtime Environment (JRE). Known variously as "the Mark-of-the-Beast," "the Magic Number," and "the Floating Point of Death," the bug causes the JRE to hang when parsing strings like "2.2250738585072012e-308" to a binary floating point number.
A demonstration of an attack against an Apple iPhone at the Black Hat Technical Security DC 2011 Conference in Arlington, Va., demonstrated that software in many GSM-based smart phones contains vulnerabilities that could open the phones to remote exploits.
Scammers have set their sights on tablets and smartphones, and away from Windows desktops, in response to rising consumer demand for mobile devices.
A former FBI consultant claims the FBI had backdoors installed in the OpenBSD operating system to allow the agency to eavesdrop on virtual private networks used by U.S. attorneys nearly a decade ago.
Java should be considered a top software security threat, even more so than Adobe PDF files, according to Microsoft's announcement issued today.
Microsoft released an "important" patch to address an information disclosure security vulnerability associated with ASP.NET systems.
Microsoft plans to release a patch on Tuesday for a security issue associated with ASP.NET systems.
Flaw in AES encryption allows tool to crack Machine Key values used to encrypt cookies in 30 to 50 minutes. Microsoft offers guidance on limiting exposure.
Hewlett-Packard Co. today said it is acquiring security software vendor Fortify Software Inc. for an undisclosed amount.
The majority of Internet security threats come from unpatched vulnerabilities in Adobe Acrobat/Reader and Microsoft's Internet Explorer browser.
Microsoft's Internet Explorer browser showed a U.S. market share gain in May compared with competing browsers.
Nearly half of U.S. IT professionals surveyed believe that the risks of cloud computing outweigh its benefits.
Microsoft today released its second "critical" off-cycle patch for Internet Explorer this year.
Even a fire-proof safe needs additional protective measures, and Internet Explorer 8 on Windows 7 is no different.
Last week Google released SkipFish, a no-cost, open source "security reconnaissance tool" for Web-based applications.
Microsoft published a workaround for an in-the-wild vulnerability in Internet Explorer 6 and 7, described last week.
A Microsoft-funded report found that IE 8 outperformed four other browsers in protecting against socially engineered malware.
Researcher says read the fine print before connecting to the cloud.
The heavyweight lineup of government representatives at last week's RSA Conference raised many questions -- but few answers -- about how best to fight cybercrime.
Cisco announced its Secure Borderless Network architecture, which the company is positioning as a reconceptualization of enterprise security.