The Internet Systems Consortium patched the BIND domain name system this week, addressing what it calls a critical error condition in the software.

A number of Democratic Congressional leaders wrote Yahoo CEO Marissa Mayer a letter seeking answers about the breach of 500 million customer records.

Microsoft is bringing virtualization to its Edge browser with a security tool called Windows Defender Application Guard. The technology, announced this week at Microsoft’s 2016 Ignite conference in Atlanta, takes a virtualization-based approach to isolating browser-based attacks from the internet. Windows Defender Application Guard will be exclusive to enterprise versions of Windows 10 and will...

A German privacy regulator issued an order this week prohibiting Facebook to stop collecting user data on German WhatsApp users.

Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs.

iPhone users can now use Signal’s secure messaging app between their iOS device and their Mac OS or Windows desktops.

Facebook finished porting its SQL-powered detection tool, osquery, to Windows this week.

Google released CSP Evaluator and CSP Mitigator to aid developers in building better Content Security Policy protections for web applications.

APT gang Sofacy is targeting Mac OS X users with a Trojan that allows an attacker to execute remote commands on infected systems.

Crypto company Venafi points out potential holes in Yahoo’s processes and policies around cryptography and digital certificates, any of which could have been exploited in the breach to move data off the Yahoo network.