Latest news

Flaws in MatrixSSL Leave IoT Devices Open to Attack
Device Security

Flaws in MatrixSSL Leave IoT Devices Open to Attack

Researchers have discovered several flaws in the MatrixSSL TLS stack used in IoT devices, two of which could let an attacker execute arbitrary code on a vulnerable device. MatrixSSL is a small TLS/SSL stack that’s designed for use in embedded systems and other constrained environments. The software can run in […]

Microsoft Makes Edge Bug Bounty Permanent
Hacking

Microsoft Makes Edge Bug Bounty Permanent

Microsoft is making the bug bounty for its Edge browser a permanent program, a significant change to the way the company incentivizes researchers to find vulnerabilities in the application. It’s been a little less than a year since Microsoft launched the bounty as a temporary offering with the Windows 10 […]

EU Parliament Seeks Ban on Crypto Backdoors
Privacy

EU Parliament Seeks Ban on Crypto Backdoors

The European Parliament is considering a draft proposal that would effectively prohibit the introduction of backdoors in encryption systems and other kinds of interference with confidential information. The proposal, introduced before the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, comes at a time when legislators in a number […]

California Lawmaker Seeks to Restore Broadband Privacy Rule
Privacy

California Lawmaker Seeks to Restore Broadband Privacy Rule

Three months after Congress voted to repeal some privacy protections that prevented ISPs from sharing customers’ browsing history and other sensitive data without consent, a California legislator has introduced a bill in the state assembly that would restore those protections. The federal legislation passed in March essentially rolled back a […]

Europol Hits Group Allegedly Selling Security Evasion Tools
Hacking

Europol Hits Group Allegedly Selling Security Evasion Tools

Europol has arrested six people as part of a wide-scale operation to crack down on cybercriminals who sell tools such as crypters and anti-AV that help attackers evade security defenses. The operation involved authorities in several countries and over the course of several days earlier this month, Europol officials made […]

Email Compromise Campaign Hits Hundreds of Companies
Hacking, Social Engineering

Email Compromise Campaign Hits Hundreds of Companies

A large-scale, long-term business email compromise campaign has been targeting large industrial companies, including those in the energy, metals, and power sectors. The campaign has been running for several years and has included a variety of tactics, namely compromises of corporate email systems, network exploitation, social engineering, and highly targeted […]

New IRS Phone Scam Tied to Prepaid Debit Cards
Phone Fraud, Social Engineering

New IRS Phone Scam Tied to Prepaid Debit Cards

Although tax season has been over for two months now, phone scammers are continuing to target victims with a new version of the venerable IRS phone fraud scam, using the agency’s electronic payment system as a lure. The latest iteration of the scheme involves scammers calling victims and trying to […]