Security News

An audit of open source file and disk encryption software VeraCrypt wrapped up and a number of critical vulnerabilities uncovered in the assessment were patched.

Researchers at Fidelis report there are similarities in coding and behavior between a new banking Trojan called TrickBot and the notorious Dyre malware.

For the first time, more than half of traffic on the Internet is encrypted, and experts say free SSL certificate providers are playing a big role.

U.S. representatives are asking Yahoo for clarity around a surveillance program mentioned in reports earlier this month.

Sierra Wireless warns that its AirLink gateways are being infected by the Mirai malware, and urges customers to change default passwords on devices.

Cheetah Mobile reports the origins of mobile Trojans are still coming from Ghost Push, which can root devices, show ads and install unwanted apps.

Mike Mimoso and Chris Brook discuss the news of the week, including the nuclear power plant 'disruption,' the StrongPity APT group, and the proliferation of IoT botnets.

A researcher has found a backdoor, which he calls Pork Explosion, in an Android bootloader built by Foxconn.

A popular Android app called Nine leaks Microsoft Exchange user credentials when users are tricked into connecting to rogue wireless access points.

Bug hunters earned $30,000 in rewards for reporting 21 security flaws that were fixed in Chrome 54.