Security News

The attack on the Office of Personnel Management that was disclosed earlier this month began as early as December 2014 and likely was the end result of a social engineering attack that enabled the...

A week after disclosing a cross-site request forgery vulnerability in small wind turbines manufactured by a company called XZERES, a security researcher has discovered a serious bug in the...

Attackers sitting on a network can intercept Swift keyboard updates from Samsung, inject code, and potentially take remote control of millions of Android mobile devices.

In one of the more bizarre alleged hacking stories to emerge recently, federal authorities are investigating whether employees of the St. Louis Cardinals hacked into systems belonging to the...

Dell SecureWorks said a new version of the Stegoloader malware uses steganography to hide itself from detection.

Google today launched the Android Security Rewards program, a bug bounty for Android Nexus 6 and Nexus 9 devices.

Amazon has released its first transparency report, and for a company as large as Amazon, there is surprisingly little in the way of detail or explanation in the report. The company reported that...

Cloud-based password manager LastPass said its network has been breached and attackers stole personal information as well as salts and hashes.

The U.S.-China Economic and Security Review Commission tackled China and cyberespionage today in a D.C. hearing.

The attackers behind the recently disclosed Duqu 2.0 APT have used stolen digital certificates to help sneak their malware past security defenses, and one of the certificates used in the attacks...