Security News

Dennis Fisher talks with Jessy Irwin of 1Password about her path into the security world, the many security challenges in the education sector, the password-security problem, and security jewelry.

Microsoft patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked,

A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys.

The author behind one strain of banking malware, Gozi, has plead guilty and is awaiting sentencing while two other men, apparently responsible for developing the banking malware Citadel and...

A new version of Adobe Shockwave Player patches two memory corruption vulnerabilities that could lead to remote code execution.

There was a cross-site scripting vulnerability in an eBay domain that could have allowed an attacker to steal users’ session cookies and take over their accounts. The company has removed the...

After more than a year if legal wrangling, the federal government has agreed to hand over its policy on vulnerability use and disclosure. The government had said that the policy was classified and...

Security experts constantly tell users not to reuse passwords on multiple accounts, but the message often falls on deaf ears. Now, officials at Mozilla are finding that advanced users don’t always...

The Department of Justice has established a new policy that requires federal law enforcement agents–and state and local agencies working with the department–to obtain search warrants in order to...

Dennis Fisher and Mike Mimoso talk about the potential US sanctions against China over cyberespionage, the browser vendors dumping RC4, the trouble at Mobile Pwn2Own and more security news of the week.