Microsoft finally bans SHA-1 certificates in Internet Explorer and Edge
The Tuesday updates for Internet Explorer and Microsoft Edge forces those browsers to flag SSL/TLS certificates signed with the ageing SHA-1 hashing function as insecure.
The Tuesday updates for Internet Explorer and Microsoft Edge forces those browsers to flag SSL/TLS certificates signed with the ageing SHA-1 hashing function as insecure.
Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including three flaws that have already been exploited in targeted attacks by cyberespionage groups.
Microsoft released an update for the malware scanning engine bundled with most of its Windows security products to fix a highly critical vulnerability that could allow attackers to hack computers.
Hackers compromised a download server for HandBrake, a popular open-source program for converting video files, and used it to distribute a macOS version of the application that contained malware.
Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly available tools.
A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.
The FIN7 financially motivated cybercrime group is abusing the Windows Application Compatibility Infrastructure, a feature that makes it possible for enterprises and developers to quickly resolve incompatibilities between their applications and new Windows versions.
The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer between them.
There's now a new tool that could allow researchers and companies to quickly block communications between some malware families and their constantly changing command-and-control servers.
Android has received security fixes for over one hundred vulnerabilities, including 29 critical flaws in the media processing server, hardware-specific drivers and other components.
A new malware program that targets macOS users is capable of spying on encrypted browser traffic and stealing sensitive information.
Hundreds of thousands of internet gateway devices from around the world, primarily cable modems, are vulnerable to hacking because of a serious weakness in their implementation of the Simple Network Management Protocol.
Web optimization and security firm Cloudflare launched a service that could allow IoT manufacturers to protect devices from attacks and deploy patches much quicker.
The mobile application that accompanies many Hyundai cars exposed sensitive information that could have allowed attackers to remotely locate, unlock and start vehicles.
Users of Webroot's endpoint security product, consumers and businesses alike, had a nasty surprise on Monday.