Security News > 2017 > January

The Star Wars Twitter botnet, the return of Lavabit, a critical Cisco Webex flaw, and the St. Louis Library ransomware story are discussed.

Do you trust your Android VPN client to keep your data secure and your online browsing private? Perhaps you shouldn’t. A group of researchers has analyzed 283 Android apps from Google Play that...

Mike Specter has an interesting idea on how to make biometric access-control systems more secure: add a duress code. For example, you might configure your iPhone so that either thumb or forefinger...

Facebook is letting users tie a physical security key to their account as an added layer of security.

VirLocker (aka VirLock, aka VirRansom) is a virulent piece of machine-locking ransomware that has been around for quite some time. It’s actually quite a surprise that it is not more widespread,...

A bipartisan bill was introduced this week in the House calling for the NHTSA to conduct a study that would determine appropriate cybersecurity standards for motor vehicles.

All of the initial analysis pointed to Shamoon emerging in the Middle East. This however was not the end of the story since the campaign continues to target organizations in the Middle East from a...

A researcher earned $9K for identifying a XXE vulnerability in third party backup software used by Uber.

Citing security concerns, Google announced that it will soon block JavaScript (.js) file attachments in Gmail.

Researcher Mariusz Mlynski found and disclosed four high-severity vulnerabilities in Chrome’s Blink rendering engine, earning himself $32,000 through the Chrome Rewards program.