Excellus BlueCross BlueShield, a large health care provider in New York state, says it was hit by an attack that began in 2013 and wasn’t discovered until last month, resulting in the compromise of members’ personal information, including Social Security numbers, addresses, financial and account information. The company did not specify how many people potentially[…]
About a decade ago, many large software makers learned some very difficult lessons about software security and building security into their products from the start. Some are still learning. The FTC and a variety of security experts are hoping that today’s crop of start-ups will not have to go through that same painful process. The FTC[…]
Researchers have peeled back the layers on a new campaign that spans multiple years and involves a new variant of the ubiquitous Gh0st remote access tool (RAT).
Exploit code for the Android Stagefright vulnerability was made public, and researcher Joshua Drake hopes organizations will test Android systems and devices against the code.
The iMessage system, like much of what Apple does, is mostly a black box. The company doesn’t talk much about how the system works, and although some security researchers found a couple years ago that Apple could read users’ encrypted messages if they so choose, law enforcement has had no luck in getting Apple to open[…]
Researchers at Kaspersky Lab have revealed that the Turla APT gang is using satellite-based Internet links to hide command-and-control activities.
Dennis Fisher talks with Jessy Irwin of 1Password about her path into the security world, the many security challenges in the education sector, the password-security problem, and security jewelry.
Microsoft patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked,
A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys.
The author behind one strain of banking malware, Gozi, has plead guilty and is awaiting sentencing while two other men, apparently responsible for developing the banking malware Citadel and Dridex, were recently apprehended.