Sen. Ron Wyden has sent a letter to the heads of the NSA, DHS, and NIST, asking them to mandate the elimination of Flash from government sites and computers.
A flaw in the Bluetooth specification could let a nearby attacker intercept traffic between two paired devices.
Two-factor authentication is a vital part of many corporate security strategies, and is now offered by lots of consumer apps, as well. We wanted to see how much users know about it, so we asked one.
Google is done with reminders and warnings. It began marking web pages not using HTTPS as "Not Secure," and it turns out some of the world's most popular sites are affected.
Lawmakers and the federal government are looking for ways to counter influence and disinformation campaigns on social media and the wider Internet.
If we continue to think about cyber-warfare in the context of mass destruction and physical damage, we miss the fact that attackers are now taking more covert approaches to subvert existing systems. Disinformation is a dangerous tool.
Major tech companies and some lawmakers are pushing for rules on using facial recognition systems, but federal regulation isn't on the horizon.
Microsoft will do more than pay researchers bounties for finding and reporting vulnerabilities in Microsoft Account and Azure Active Directory in its Microsoft Identity Bounty Program. The company also wants vulnerabilities in select OpenID standards.
Two months into his job, FTC Chairman Joseph Simons says the commission needs more authority to enforce data security privacy violations.
Two powerful senators have asked executives at Google and Amazon to rethink their decisions to end the use of domain fronting on their cloud networks to help protect at-risk users.
Microsoft President Brad Smith is asking Congress to step in and regulate the use of facial recognition technology to help prevent abuse.
The FBI estimates that BEC scams have cost victims nearly $13 billion in the last year and a half, a major increase that shows no signs of being an anomaly.
Why are attackers interested in compromising the Internet of Things? In this Decipher video, security experts discuss what attackers are looking for when they go after Internet-connected doorbells and other smart devices.
Bundles of personal data records are referred to as fullz on the underground marketplaces by criminals. The data can include names, addresses, phone numbers, social security numbers (SSNs) and date of birth, all of which can be used for medical fraud, impersonation or even extortion. Stolen healthcare information is valued the highest.
Chrome now includes a new feature called Site Isolation that can help defend against speculative execution attacks in the browser.