Security News

A security researcher has developed a method–actually two methods–for defeating the new Chrome Password Alert extension that Google released earlier this week. The Password Alert extension is...

Dennis Fisher and Mike Mimoso discuss the post-RSA news, including the MySQL bug, the progress of the OpenSSL overhaul and the wildly entertaining House hearing on crypto backdoors.

Researchers at Seculert have found a new version of the Dyre banking malware, one that is adept at avoiding sandbox detection.

A critical vulnerability in popular household routers such as D-Link and Trendnet could be exploited by attackers to run arbitrary code on devices.

The SANS Institute reports a new strain of CTB-Locker ransomware moving this week via spam messages.

Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker to strip SSL/TLS connections of their security wrapping...

A Congressional hearing on encryption and "frontdoors" produced a generous amount of the usual "crazy" from lawmakers and law enforcement.

Details on a number of unpatched vulnerabilities in a popular WordPress ecommerce plugin called CartPress were disclosed.

A potentially dangerous XSS vulnerability has existed in eBay for more than a year and it doesn’t appear the company is a rush to fix the issue.

Heartbleed made the world notice what kind of shape OpenSSL development was in from a financial and resources standpoint. In the year since, the project has been funded enough to hire full-time...