Security News

Google is rolling out a new policy that will force all Windows and Mac users to install Chrome extensions only from the Chrome Web store. The company last year began enforcing this policy for...

Proof of concept code exploiting the VENOM vulnerability has surfaced. Its author says mitigating factors make VENOM difficult to exploit at scale.

The U.S. House voted 388-88 to end the NSA's bulk collection of phone call metadata business records.

Cisco patched command injection, authentication bypass, and denial of service vulnerabilities in a number of its TelePresence products.

It’s been a couple of months since we left our heroes on CSI: Cyber, and boy, have they been busy. They have apparently solved many crimes using cyber-sleuthing, acquired some decidedly non-cyber...

Dennis Fisher talks with Dan Kaminsky about the VENOM bug, the value of virtual machine escapes, why everyone wants to make every bug the worst one of all time or just a bunch of hype and what the...

SAP SE has fixed security vulnerabilities in a pair of compression algorithms used by a number of the company's popular business management software programs.

The Open Smart Grid Protocol Alliance said updates will be rolled out in September to networks and devices that address weak homegrown cryptography pointed out in a research paper.

A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially open subsequent internal servers up to further attacks.

Microsoft updates its cryptographic cipher suite prioritization in Windows with the addition of four suites that bring Perfect Forward Secrecy to the operating system.