Researchers find zero-day exploit discovered on DirecTV hardware
Despite being told six months ago, Linksys has yet to fix a zero-day found by Trend Micro researchers.
Here's what the newly signed NDAA means for cybersecurity
President Trump signed the National Defense Authorization Act (NDAA) Tuesday, approving the $700 billion spending bill designed to fund the U.S. military and its various cybersecurity-focused initiatives.
Facebook patches security flaw based on 19-year-old bug; other sites may still be vulnerable
Researchers from the U.S. and Germany found a workaround that makes an old bug still applicable to major websites, with the ability to intercept passwords and other private information.
It's easy to fake Extended Validation certificates, research shows
EV certificates — the files that tell a browser to show the little green lock — are supposed to make crystal clear who owns a website. There's a way around it, though.
Atos makes $5 billion bid for Gemalto
Gemalto is the world's largest manufacturer of SIM cards and credit card chips but has posted lower-than-expected profits throughout the year.
Is Mailsploit really a threat to DMARC?
A new security testing tool that enables email messages to be faked or spoofed, even if the recipients are protected by best practices, has garnered some strong criticism from email security advocates.
Menlo Security raises $40 million in Series C round
Menlo’s business has grown on the back of its malware isolation platform.
Conficker worm still spreading despite being nearly 10 years old
Approaching its silver anniversary, Conficker tallied over 2.5 million successful infections in 2017.
Hacking group turns Microsoft Office flaw into an exploit in less than a week
APT34 has been especially active since mid-2016, based on publicly available research authored by analysts with FireEye and Kaspersky Lab.
This country's hacking efforts have become too big to ignore
While hackers linked to China, North Korea and Russia earned headlines over the past year, similar groups in Iran have been drawing far less attention.
Critical vulnerability found in Microsoft Malware Protection Engine
The vulnerability was found and reported by an organization under GCHQ.
Stanford U. official ousted after keeping quiet about huge exposure of sensitive data
The data exposure led to controversy about how the school said it dealt out financial aid versus how the process actually worked in practice.
Ethiopia using Israeli spyware to spy on dissidents, journalists
A Citizen Lab researcher, Bill Marczak, was also targeted during the course of the investigation.
Pepsi denies claim that it hacked Russian government watchdog
A strange tale of government bureaucracy comes to light in Russia.
Android developer apps suffered from multiple severe vulnerabilities
One vulnerability allowed for an attacker to execute code remotely on a victim's computer, effectively handing full control over to the hacker.
Roy Moore scandal used for phishing schemes aimed at U.S. law firms
A group loosely connected to China is trying to capitalize on the scandal surrounding the special election in Alabama.
U.K. cyber agency tells government to handle Russian anti-virus software with caution
The guidance stops short of banning any software outright, but warns that national agencies should avoid using Russian anti-virus software in the interest of national security.
Watchdog questions DoD about Cyber Command's work with private sector, civilian agencies
The role the military, intelligence community or DHS plays in stopping digital attacks aimed at the U.S. economy can appear blurred at times.
Why Eugene Kaspersky keeps talking about 'Project Sauron'
Kaspersky Lab founder and CEO Eugene Kaspersky says he's figured out why the U.S. government hates his company.
Uber security executives leave company amid lawsuit and breach investigation
Two security employees are resigning, and another is taking medical leave. All three were apparently working at Uber during the October 2016 breach.