The Department of Justice has established a new policy that requires federal law enforcement agents–and state and local agencies working with the department–to obtain search warrants in order to use Stingray devices.
Dennis Fisher and Mike Mimoso talk about the potential US sanctions against China over cyberespionage, the browser vendors dumping RC4, the trouble at Mobile Pwn2Own and more security news of the week.
HP, a longtime sponsor of the Pwn2Own hacking contests, has decided it will not participate in November’s Mobile Pwn2Own event in Japan because of concerns over the country’s implementation of the Wassenaar Arrangement rules.
Cisco has patched a remote file-overwrite vulnerability in a couple of its products that could allow an attacker to replace arbitrary files and cause target systems to become unstable.
A new strain of Android ransomware disguised as a video player app uses an instant messaging protocol called XMPP to receive commands and communicate with the command and control server.
Dennis Fisher talks with Window Snyder of Fastly about her early interest in technology, what it was like meeting the L0pht crew at the MIT Flea as a teenager, her time at @stake, working on XP SP2 at Microsoft, Apple’s security evolution and much more.
New variants of the notorious Carbanak Trojan have surfaced in Europe and the United States, and researchers say that the malware now has its own proprietary communications protocol and the samples seen so far have been digitally signed.
Netflix released Sleepy Puppy, a cross-site scripting payload management framework, to open source. The tool finds XSS vulnerabilities in secondary applications.
Millions of government workers whose information was implicated in this year’s expansive Office of Personnel Management hack still haven’t been notified, the agency revealed this week.
Google promoted Chrome 45 to a stable release, patching 29 security vulnerabilities. It has also started pausing ads running Flash.