Over 117 million LinkedIn user logins are for sale on the black market “The Real Deal” by hacker “Peace” for five Bitcoins ($2,280). The breach is tied to an earlier hack on LinkedIn in 2012, when the company originally said 6.5 million accounts had been compromised. The hacker, identified as Peace, claims the the data...

Security researchers at Skycure are upping the ante on a vulnerability that it says now leaves 95.4 percent of Android devices vulnerable to an attack that hands over control of a phone or tablet to an attacker. First reported at the RSA Conference in March, Skycure discovered a theoretical attack that involves the exploitation of...

Google clarified this week exactly when it plans to disable support for the RC4 stream cipher and the SSLv3 protocol on the company’s SMTP servers and Gmail’s web servers. It turns out the end will come sooner than later; the company announced it will begin to disable both a month from now, on June 16....

Two University of Texas academics have made what some experts believe is a breakthrough in random number generation that could have longstanding implications for cryptography and computer security. David Zuckerman, a computer science professor, and Eshan Chattopadhyay, a graduate student, published a paper in March that will be presented in June at the Symposium on...

Google Play’s first line of defense against malware was circumvented by attackers who managed to sneak a malicious app called “Black Jack Free” into the official app store. The app was discovered by Lookout Security and removed by Google last week. Lookout estimates that 5,000 people downloaded the app that can siphon financial data from...

Apple on Monday rolled out a series of patches for nearly all of its operating systems, OS X, iOS, its smart watch operating system, watchOS, and Apple TV’s tvOS, along with fixes for both iTunes and Safari. OS X received the lion’s share of the updates, 67 in total, bringing Apple’s operating system El Capitan to...

Pen-testing engagements are generally a breeze for most red-teamers; roadblocks are few, despite the ones in place being expensive and often paid for by very large companies. Chris Nickerson has been running such engagements for 15 years and he sees companies that throw more money and more servers at security solutions as having far less...

An underground forum called Nulled.io that helped users share stolen credentials, software cracks, and leaked content was hacked earlier this month, spilling a glut of information, including users’ email addresses, encrypted passwords, and IP addresses, among other details. According to researchers at Risk Based Security who reported the breach last week, a 1.3 GB tar.gz...

As zero days in Adobe Flash Player continue to bubble to the surface, major technology players are announcing their plans to shove the maligned software aside in favor of HTML5. Google is the latest, announcing recently that by Q4 of this year, HTML5 would be the default in the Chrome browser, except for content on...

Incidents of Android lockscreen malware masquerading as porn apps are a growing concern to security analysts who are forecasting an uptick in attacks. Once infected, Android users bitten by this malware appear to be locked out of their device and are forced to undergo a complex extraction of the app to win back control of...