The FBI can keep details around how much it paid and which company it hired to unlock a terrorist’s iPhone 5C in 2016 secret, the court ruled over the weekend.
Industrial manufacturer Siemens is encouraging users running devices that use its Ruggedcom protocol to apply firmware updates this week. The updates resolve a serious and remotely exploitable vulnerability that could let an attacker carry out administrative actions.
ICANN, the overseer of the Internet’s namespace, announced this week that it was postponing a scheduled change to the cryptographic key that protects the Domain Name System.
The macOS Keychain attack, Signal’s new private contact discovery service, the Deloitte hack, and a handful of mobile stock trading app vulnerabilities are discussed.
Researchers at Duo Security are expected today at Ekoparty to reveal data and a paper that shows Mac users are not receiving EFI firmware updates at expected.
Google, through Google Domains, operates many TLDs, and this week said it would begin enforcing HSTS on those TLDs. HSTS forces secure client connections over HTTPS.
Digital civil liberty activists with Fight for the Future and Free Press were hit with a phishing emails designed to steal business credentials earlier this summer.
Researchers at CyberArk have devised a Windows Defender bypass that tricks the operating system into executing malicious code while Defender scans a benign file.
Apple said that macOS’ native Gatekeeper security feature would protect against a Keychain attack disclosed this week, but researcher Patrick Wardle said that won’t help against Mac malware signed with an Apple certificate.