New York’s lawmakers are on the brink of passing a data security law that will give New Yorkers more information about how their data is being used and when it has been compromised.
The OS X Gatekeeper security system can be bypassed with a new technique developed by researcher Filippo Cavallarin.
GitHub rolled out several new features designed to help developers write secure code at its recent GitHub Satellite conference last week in Berlin.
A vulnerability in all versions of the Docker platform can give an attacker full read and write access to the host file system.
Bills in the House and Senate would prevent warrantless searches of Americans' devices at the border.
Data breaches can be costly, both in terms of recovery, lost productivity, and regulatory fines. Moody’s revising its outlook on Equifax proves a breach breach can be detrimental to the company’s financial future.
The Do Not Track Act introduced by Sen. Josh Hawley would establish a single, enforceable mechanism for people to prevent data collection and online tracking.
Some Google G Suite customers' passwords were stored in plain text on the company's network since 2005.
There used to be a time when malware signed with a legitimate certificate was the mark of a sophisticated, nation-state-backed attacker. Now anyone can have signed malware.
In Firefox 67, Mozilla has moved to block cryptominers and browser fingerprinters, which track users across the web.
New Google research on account takeovers found that basic account hygiene can defeat the vast majority of attacks.
Kudos to Stack Overflow, for promptly notifying users as soon as it identified a breach and posting an update with more details as it learns them.
Atlassian, GitHub, and GitLab pledged to continue the information sharing relationship they started while investigating the origins of the recent ransomware incident which affected BitBucket, GitHub, and GitLab users.
A weakness in the Bluetooth pairing protocol in some Titan keys can leave them open to hijacking.
Attackers are increasing their use of "cipher stunting," a technique that randomizes their SSL/TLS signatures, to obscure the malicious web traffic and make it harder to detect.