Security News > 2017 > December

Beautiful video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. From the...

The chilly weather is setting in here in the northern hemisphere, and as we get ready for the holidays many of us are gathering round a cheery fire. But not everyone is enjoying the warmth of this...

Organizations have become slightly better at detecting cyber intrusions, but malicious actors are constantly working on improving their tactics and techniques, according to CrowdStrike’s 2017...

If your computer is running Microsoft's Windows operating system, then you need to apply this emergency patch immediately. By immediately, I mean now! Microsoft has just released an emergency...

Google gives Administrators new ways to lock down the browser.

Apple usually pushes out security updates for its various devices and software on the same day, but not this time. The iOS update was rushed out on Saturday because of a critical need to fix a bug...

The OpenSSL Project announced on Thursday the availability of OpenSSL 1.0.2n, a version that patches two vulnerabilities discovered by a Google researcher. read more

Thousands of WordPress sites have been infected with a piece of malware that can log user input, Sucuri warns. read more

Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.