Security News

The result of the recent LinkedIn, Tumblr and Myspace breaches will be a virtual crime wave as hackers take stolen credentials and unlock other accounts across the web, say experts.

Google will next week begin a gradual deprecation of unsafe crypto protocol SSLv3 and cipher RC4 in Gmail IMAP/POP clients.

Rapid7 released its National Exposure Index, which measures the top 30 ports and protocols on IPv4 and quantifies unsecured services running on the Internet.

Uber patched a bug in its site recently that could have allowed an attacker to log into some of its sites without a password and further compromise its internal network.

Facebook has patched a vulnerability in its desktop and mobile Messenger apps that allows an attacker to modify chats and expose victims to malware and fraud.

Researchers discover a vulnerability in Mitsubishi's Outlander Hybrid SUV that allows hackers to disable the anti-theft alarm from a laptop and control the car's heat and AC.

Academics have developed a framework for typo-tolerant passwords that significantly enhances usability without compromising security.

Google's monthly Android Security Bulletin patches eight critical vulnerabilities, including a half-dozen in various Qualcomm drivers, Mediaserver, and libwebm.

Hackers infiltrated the European social network VK.com at some point over the last several years and made off with credentials for 100 million of its users.

New Microsoft Silverlight and Adobe Flash exploits included in the Angler Exploit Kit have the ability to bypass Microsoft EMET on Windows machines.