Security News

The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.

After a nearly four-year respite, the data-stealing TeamSpy malware has resurfaced in a spam campaign.

US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.

Google Project Zero researchers are warning of an unpatched Microsoft vulnerability in the Windows' GDI library that allows attackers to steal sensitive data from program memory.

Mat Gangwer, CTO, and Tom Gorup, Security Operations Lead, at Rook Security talk to Mike Mimoso about the aggressive rise in online extortion and how it threatens not only data but physical safety.

A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.

According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, doomsday fears of a cyberattack against the U.S. electric grid are overblown.

SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference

Researchers demonstrate how malicious apps can break into secure Android work containers on EMM managed phones.

Cris Thomas of Tenable Networks, aka Space Rogue of the L0pht, talks to Mike Mimoso during RSA Conference about the rhetoric and hype surrounding cyberwar, as well as a quick trip down memory lane...