Security News

Google ensures HTTPS connections to its domains with support for HTTP Strict Transport Security, or HSTS.

Researchers at Endgame are expected at Black Hat to introduce Hardware Assisted Control Flow Integrity (HA-CFI), which leverages features in the micro-architecture of Intel processors for security.

Sniffing HTTPS URLs with malicious PAC files gets easier with a new technique that exploits flaws in the Web Proxy AutoDiscovery protocol.

For over a year attackers were able to carry out a malvertising campaign that managed to draw between one and five million client hits a day, according to researchers. The scam infected thousands...

A new SpyNote Trojan can give bad guys control over your phone from the camera, microphone to eavesdropping on phone calls.

Mike Mimoso and Chris Brook discuss the news of the week, including a wireless keyboard vulnerability - KeySniffer, NIST's statement on 2FA, a LastPass remote compromise bug, and a new Tor paper.

Developers with Android’s Security Team peeled back some of the layers on the mobile operating system this week; describing the lengths Google goes to protect the Linux kernel.

Petya ransomware developers leak competitor Chimera's decryption keys in an attempt to drive new business to a new Petya and Mischa offering.

LastPass has patched a vulnerability in its Firefox add-on that allows attackers complete remote compromise of the password manager

A new White House directive outlines the U.S. cyber threat response strategy along with issuing a color-coded cyber threat schema.