Let's Encrypt will revoke three million certificates because of a subtle bug in its server software that affected the way domain records were checked.
Security researchers, law enforcement, and analysts lurk in criminal marketplaces and forums collecting information which may indicate a possible data breach or data theft. It’s a tricky balancing act—blending in among criminals while not engaging in criminal activity that could get them arrested.
Dennis Fisher is joined by Chris Brook and Brian Donohue to revisit Enemy of the State, the 1998 techno-paranoia thriller that foretold much of what's happening in today's surveillance society.
Security through obscurity isn't always a bad thing, at least in the esoteric world of ICS security.
Encryption back doors will make matters worse, not better, crypto pioneers say.
Wendy Nather, head of advisory CISOs at Duo, joins Dennis Fisher to discuss her RSA keynote speech on democratizing security and making security more usable and collaborative.
A review of the SoloKey firmware found a serious downgrade attack flaw, which an attacker could use to install an older, vulnerable version. The bug has been fixed.
Rick Altherr of Eclypsium joins Dennis Fisher to talk about the company's new research on unsigned device firmware.
A gas compression facility was the victim of a ransomware attack that took its operations offline for two days and required replacement equipment.
Code changes intended to prevent attacks can wind up creating even more security issus, Google Project Zero warned.
Microsoft has removed the Windows security update addressing issues with third-party boot managers after users complained the updates caused their systems to stop working.
OpenSSH has added support for hardware security keys that implement the U2F standard.
Depending on who winds up buying corp.com, administrators with Active Directory in their networks may wind up with sensitive information unexpectedly leaving the network. Now is the time to check the configuration to make sure they are not using the domain internally.
Sen. Kirsten Gillibrand has introduced a new bill that would establish a federal Data Protection Agency with privacy oversight.
A long-running ad fraud campaign that was using more than 500 malicious Google Chrome extensions has been identified and halted by researchers.