Authorities from six different nations worked on Tuesday to apprehend 49 suspects connected with carrying out a complex phishing scheme dubbed Operation Triangle.
SANS Institute reports that Cryptowall 3.0 ransomware infections emanating from the Angler Exploit Kit are on the rise, and coincide with a spike from malicious spam campaigns.
In the forthcoming iOS 9.0 release, Apple is adding two-factor authentication and a number of other security features.
Mozilla announced that it has increased rewards for vulnerabilities submitted to its bug bounty program, and that for the first time it will pay for some bugs whose severity is rated moderate.
Microsoft announced it has added HTTP Strict Transport Security (HSTS) to Internet Explorer 11 on Windows 8.1 and Windows 7, in addition to its native inclusion in Microsoft Edge on Windows 10.
UPDATE–As the debate over potential government interference with encryption technologies rages in countries around the world, Congress is now going down a different path, asking technology companies whether it’s feasible and potentially effective for certificate authorities to restricting the way that government-owned CAs can issue certificates. Members of the House Committee on Energy and Commerce[…]
A bug in the standalone mail client for both iOS and OSX could allow an attacker to load external HTML and make it easy to carry out convincing phishing attacks on unsuspecting users.
The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims, including some related to the Iran nuclear talks[…]
Apple is encouraging developers who create apps for iOS to begin moving their apps to an HTTPS-only model as soon as possible in an effort to thwart eavesdropping on insecure, plaintext HTTP connections. The move is yet one more sign that major Internet and technology companies are becoming ever more resistant to large-scale, passive surveillance[…]
Microsoft released two critical bulletins—eight overall—as part of the June 2015 Microsoft Patch Tuesday security updates. One of the critical bulletins patches 24 vulnerabilities in Internet Explorer.