An issue largely ignored because the security risk was deemed only theoretical might soon become a significant and dangerous security risk, according to Web application security vendor Watchfire Inc.

A bit of commonly ignored, leftover code found in many applications could give attackers a chance to remotely control or load malware onto your systems, a research team said this week. Jonathan Afek ...

On Wednesday, Johnathan Afek, a Senior Security Researcher for automated software vulnerability assessment vendor Watchfire, stood in front of an audience of several hundred developers and security ...

A researcher has developed a bypass for Microsoft’s latest memory corruption mitigations in Internet Explorer, Heap Isolation and Delay Free. For a long time, Microsoft’s monthly Patch Tuesday ...

Memory unsafety is a characteristic of many of today’s systems. The root cause of buffer bounds vulnerabilities such as buffer overflows and over-reads is unsafe programming. Major software vendors ...

The OpenSSL cryptographic library is used to provide Secure-Socket Layer (SSL) and Transport Layer Security (TLS) in many popular websites. These include Twitter, GitHub, Yahoo, Tumblr, Steam, and ...

The big picture: Mozilla has released new versions of its Firefox browser that correct a pair of critical zero-day vulnerabilities. Both have already been actively exploited in the wild, so you'll ...

The only thing better than a toy that keeps your cat and dog occupied for hours is one that requires no intervention on your part. A ball needs to be tossed, a pull toy needs to be tugged, but this ...

Prominent C++ developer Herb Sutter has proposed eliminating many dangling and null reference bugs in C++, to to address a longstanding issue with the language and promote code safety. The Version 1.0 ...