Security News

Google released CSP Evaluator and CSP Mitigator to aid developers in building better Content Security Policy protections for web applications.

APT gang Sofacy is targeting Mac OS X users with a Trojan that allows an attacker to execute remote commands on infected systems.

Crypto company Venafi points out potential holes in Yahoo's processes and policies around cryptography and digital certificates, any of which could have been exploited in the breach to move data...

Developers behind the malicious downloader Hancitor have bolstered the malware again, this time with new delivery approaches that make it more difficult to detect.

Researchers have identified a new ransomware strain that spoofs tracking services via spam messages and contain URLs that link to malicious files.

OpenSSL’s most recent update introduced a critical vulnerability in the crypto library, forcing an emergency update today.

OpenSSL patched a high-severity vulnerability in its deployment on the Online Certificate Status Protocol, and also mitigated the SWEET32 attack.

Security firm claims to have found a new weakness in Apple’s iOS 10 that makes it possible to crack password-protected local backups of data for iOS 10 devices.

The massive Yahoo breach, this week's Security of Things Forum, Mamba ransomware, and Google Allo are discussed.

In a keynote at the Internet of Things Forum Dr. Kevin Fu said that medical devices should be subjected to rigor so patients can make clinically relevant decisions.