Mozilla will reduce the valid lifespan of TLS certificates in its root store to 398 days in a move to limit exposure for keys and certificates.
Google's Tsunami scanner is designed specifically to find critical vulnerabilities in large-scale enterprise networks.
Under California’s data privacy law, consumers can ask companies for data that has been collected about them. However, this Duo Labs research reveals how the complex web of data sharing and partnerships makes it very difficult for consumers to know who has their data, let alone what is being collected.
Citrix has fixed 11 vulnerabilities in its ADC, Gateway, and SD-WAN appliances, some which could allow authenticated access to a target appliance.
A critical vulnerability in F5 Networks’ BIG-IP networking gear is under active attack, just days after the company first announced the flaw.
On the heels of yet another privacy incident where Facebook app developers received user data when they shouldn’t be, the social networking giant rolled out new terms and policies for developers.
The Association for Computing Machinery, a venerable computing society, has called for the immediate suspension of the use of facial recognition systems until regulation is in place.
The University of California San Francisco paid some of the $1.14 million ransom to regain access to data encrypted by ransomware on its School of Medicine servers.
Palo Alto Networks has patched a critical flaw in many of its products that support SAML-based authentication for SSO.
Legislation introduced in both the House and Senate would ban the use of facial recognition systems by federal entities.
The Lawful Access to Encrypted Data Act introduced this week would require device makers and service providers to create exceptional access to encrypted data at rest and in motion.
Melanie Ensign, CEO and founder of Discernible Communications, joins Dennis Fisher to talk about what effective security and privacy communications look like.
The Evil Corp group responsible for the Dridex malware is using a new ransomware called WastedLocker that targets cloud services and backups.
The Holmium threat group has been using password spraying attacks against Office 365 to gain access to corporate networks.
Hundreds of millions of embedded and enterprise devices are vulnerable to a long list of flaws in the Treck TCP/IP stack.