Two SQL injection vulnerabilities were patched in Ruby on Rails, a popular open-source Web development framework used by some high-profile websites.
An unprotected SSH access key left inside the Cisco Unified Communications Domain Manager product for remote support purposes allows attackers to take complete control of affected deployments.
A critical vulnerability found in a WordPress plug-in that has been downloaded over 1.7 million times allows potential attackers to take complete control of blogs that use it.
Microsoft has backtracked on a plan to stop sending email-based notifications about security bulletins starting this month.
Eastern European-based attackers gained access to the networks of energy providers by tampering with software updates for industrial control systems, gaining a foothold that could be used for sabotage, Symantec said Monday.
Two months after critical vulnerabilities were patched in Apache Struts, a popular open-source framework for developing Java-based Web applications, VMware released a security update to incorporate the fixes in its vCenter Operations Management Suite...
A European bank may have lost as much as €500,000 (US$682,000) in a week earlier this year, according to Kaspersky Lab, which analyzed data on a server used in attacks against online banking users in Italy and Turkey.
PayPal was one of the first large online services providers to offer two-factor authentication to its users, but until recently the company's implementation had a loophole that could have allowed attackers to bypass this additional protection.
The number of NTP (Network Time Protocol) servers that can be abused to amplify DDoS attacks has decreased dramatically this year, but the threat remains.
AskMen.com, a popular website with millions of monthly visitors, was redirecting visitors to other domains that delivered the Caphaw malware, according to security vendor WebSense.
Despite a great start, the rate of patching OpenSSL servers against the critical Heartbleed vulnerability has slowed down to almost a halt. Around 300,000 servers remain vulnerable and many of them are unlikely to get patched anytime soon.
Less than three weeks after pushing Android 4.4.3 to users of its Nexus devices, Google released a new version of the OS that incorporates a patch for a serious vulnerability identified in the OpenSSL cryptographic library.
Tens of thousands of servers have a hard-coded, plain-text password that could yield remote access to a management interface for a server, according to a security researcher.
A vulnerability allows attackers to disable Microsoft's antimalware products by sending specifically crafted files to users via websites, email or instant messaging applications.
A hacker exploited publicly known vulnerabilities to install malware on network-attached storage systems manufactured by Synology and used their computing power to generate Dogecoins, a type of cryptocurrency.
Most Popular Reviews
- 1 Sony Xperia Z3 review: The no-frills flagship
- 2 Samsung's Galaxy Alpha review: A peek into the Galaxy S6
- 3 Samsung Galaxy Note 4 review: The busiest, biggest and best Samsung phablet
- 4 Aldi's $279 Bauhn Sphere review: Disappointing
- 5 Nokia Lumia 735 review: Perfectly ordinary
Best Deals on GoodGearGuide
Latest News Articles
- MIT unifies Web development in a single, speedy new language
- Google, Microsoft, Sony make 'The Interview' available online
- Experts: FCC will adopt net neutrality rules in early 2015
- Romanian version of EU cybersecurity directive allows warrantless access to data
- Rackspace DNS recovers after DDoS brings system down
GGG Evaluation Team
First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.