Security News

RIPPER malware forces ATMs to churn out cash for crooks via a malicious EVM bankcard attack.

Online storage service Dropbox began notifying users over the weekend that if they haven't updated their password since 2012, they'll be prompted to update it the next time they log in.

Researcher warn medical devices made by St. Jude Medical are at risk of attacks via SSH certificate reuse vulnerabilities and static credentials that can easily give hackers root access to key...

Mike Mimoso and Chris Brook discuss the news of the week, including the latest on ShadowBrokers and Cisco, Sweet32, decryptors for the Wildfire ransomware, and some gaming forum breaches.

Apple rushed an emergency iOS update that patches three zero days being exploited in spyware sold to oppressive governments to monitor human rights activists and journalists.

France's and Germany's Interior Minister are urging the EU to consider implementing a law to get companies to decrypt encrypted communications.

Researchers develop WiKey technology that can sniff out keystrokes with 97.5 percent accuracy using an off-the-shelf Wi-Fi router and a $200 laptop.

VMware this week patched its Identity Manager and vRealize Automation products against privilege escalation and remote code execution vulnerabilities.

Tor updated its software to 0.2.8.7 and fixed a number of issues, including a bug in the ReachableAddresses option that possibly degrades anonymity.

Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump.