As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software. The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites. The vulnerability, reported by Robert Święcki of the Google Security Team on

Facebook is reportedly buying stolen passwords that hackers are selling on the underground black market in an effort to keep its users' accounts safe. On the one hand, we just came to know that Yahoo did not inform its users of the recently disclosed major 2014 hacking incident that exposed half a billion user accounts even after being aware of the hack in 2014. On the other hand, Facebook

Part of the $81 Million stolen from Bangladesh bank's New York Federal Reserve account earlier this year in the wake of the major malware attack on the SWIFT interbank transfer network has been tracked down to a casino in the Philippines. SWIFT, or Society for Worldwide Interbank Telecommunication, is a global financial messaging system that thousands of banks and organizations around the

Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched. The company criticized Google's move, claiming that the disclosure of the vulnerability, which was being exploited in the wild, put its customers "at potential risk." <!-- adsense --> The vulnerability affects

Just Imaging — What if, you enter into your home from a chilling weather outside, and the heating system fails to work because of a cyber attack, leaving you in the sense of panic? The same happened late last month when an attack knocks heating system offline in Finland. Last week, a Distributed Denial of Service (DDoS) attack led to the disruption of the heating systems for at least two