Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

microsoft headquarters
dell xps 13

subway train in tunnel

VPN bug poses privacy threat to BitTorrent downloaders

A bug affecting some VPN services can be used to figure out a computer's real IP addresses, including those of BitTorrent users, which could pose a huge privacy and possibly a legal risk.

dell xps 13

Older Dell devices also affected by dangerous eDellRoot certificate

Users who have Dell Windows-based laptops, desktops, tablets and other devices that were bought before August should check if their systems have the self-signed eDellRoot certificate that can compromise their private communications.

generic image of a wi-fi router

Millions of embedded devices use the same hard-coded SSH and TLS private keys

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH host keys or HTTPS server certificates.

microsoft campus building

Microsoft beefs up security products to block adware

Microsoft is adding a new opt-in defense for enterprises to block adware, which is often sneakily wrapped into free downloads.

Apple brings down apps, mainly Chinese ones, with malware

Dridex spam campaigns target the US, UK and France

The Dridex botnet, which targets financial credentials, appears to be gaining steam again, striking computers in the U.S., U.K. and France.

Lenovo store in China

Lenovo patches serious vulnerabilities in PC system update tool

For the third time in less than six months PC manufacturer Lenovo has had to update the System Update tool pre-loaded on some of its products for security reasons.


This gizmo knows your Amex card number before you've received it

A device built by legendary hacker Samy Kamkar calls into question the security of payment cards as the U.S. continues to grapples with card fraud.

hilton istanbul exterior hr

Hilton says malware targeted its credit card system

Hilton Worldwide says it has identified and removed malware that targeted card payment systems at some of its hotels over a 17-week period from late 2014 to mid 2015.

dell xps 13 15

And then there were two: Another dangerous Dell root certificate discovered

After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool.

victim identity theft computer problem

What you need to know about Dell's root certificate security debacle

In an attempt to provide a more streamlined remote support experience, Dell installed a self-signed root certificate and corresponding private key on its customers' computers, exposing users' encrypted communications to potential...

credit cards

As China moves to payment cards, cybercriminals follow

As China increasingly embraces payment cards over cash, Trend Micro is seeing an uptick in cybercriminal activity aimed at card fraud.

8 https

Dell security error widens as researchers dig deeper

The fallout from a serious security mistake made by Dell is widening, as security experts find more issues of concern.

Dell's XPS 13 with LG TV

Dell installs self-signed root certificate on laptops, endangering users' privacy

Users are reporting that some Dell laptops sold recently come preloaded with a self-signed root digital certificate that lets attackers sniff traffic to any secure website.

Windows user account control

Adware program Vonteera blocks security products with simple Windows UAC trick

A well-known adware program called Vonteera prevents users from installing antivirus products by artificially blacklisting their digital certificates in Windows.

hardware security embedded circuit board integrated controller

Many embedded devices ship without adequate security tests, analysis shows

An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them.

20151109 dojo device

Home IoT security could come from a glowing rock next year

Home IoT security startup Dojo-Labs thinks it can reduce the complexity of a home full of connected devices to three colors: red, orange, and green.

Apple brings down apps, mainly Chinese ones, with malware

Hacking group that hit South Korea may be at it again with new target

A hacking group that crippled South Korean banks, government websites and news agencies in early 2013 may be active again, Palo Alto Networks said Wednesday.


Damballa finds tools related to the malware that hit Sony

Security company Damballa said it has found two utilities that are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year.

Load More