The Core Infrastructure Initiative, which has funded OpenSSL among other open source security projects, announced a badge program that evaluates secure development best practices.
The Internal Revenue Service disclosed this week that following the latest review of its system, 334,000 taxpayers – more than three times the agency’s initial estimate – may be affected by the hack it announced in May.
A publicly disclosed zero day in current version of Apple OS X remains unpatched.
Adobe pushed out a hotfix for LiveCycle Data Services patching an XXE vulnerability in BlazeDS.
Level 3 Communications has discovered a new type of reflection DDoS attack that takes advantage of RPC Portmapper to overwhelm networking services.
Ride-sharing company Uber, which has already battled a database compromise and hackers selling stolen accounts this year, announced over the weekend that it will bulk up its security division.
Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON.
Researchers warn several BitTorrent protocols can be leveraged to carry out distributed reflective denial of service (DRoS) attacks.
Published reports say that AT&T was the National Security Agency’s primary telecommunications partner and facilitated much of its surveillance efforts around telephone and Internet traffic collection.
Dennis Fisher and Mike Mimoso talk about the news from Black Hat, car hacking, the Mary Ann Davidson blog post, and the Android security mess.