Security News

Thousands of embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks.

Electronics company VTech, perhaps best known for manufacturing children's toys, announced Monday that information on five million accounts were compromised in a breach this month.

Microsoft has added opt-in protection for Windows enterprise users that blocks potentially unwanted programs and applications.

Lenovo has patched two serious vulnerabilities in Lenovo System Update that can allow hackers elevate privileges and guess admin passwords.

An attacker working off domains belonging to Chinese registrar BizCN has been moving the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.

A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed.

Two more self-signed root certificates and corresponding private keys were found on Dell computers.

Thousands of cable modems manufactured by the Georgia-based telecom Arris suffer from a series of issues: XSS and CSRF vulnerabilities, hard-coded passwords, and what a researcher is calling a...

Different models of Dell computers have shipped with a preinstalled root certificate and private key, opening the machines up to man-in-the-middle attacks.

RSA has uncovered GlassRAT, a spy tool targeting commercial targets that's signed with a stolen certificate from a large developer in China.