The attack targets IKE’s handshake implementation used for IPsec-based VPN connections, opening the door for MiTM attacks or for bad actors to access data carried in VPN sessions.

The glitch stems from a functionality intended to allow updates to the UEFI firmware.

Clouldflare launches DNS-over-HTTPS service called 1.1.1.1 that it says will be a “privacy-first” DNS service for consumers.

Mozilla is testing a method of securing DNS traffic via HTTPS, but is faced with some privacy resistance.

Microsoft fixes 25 critical vulnerabilities including one zero day under attack and one tied to the high-profile BlueBorne attack vector.

D-Link router model 850L has 10 vulnerabilities that could allow a hacker to gain remote access and control of device, according to researcher.

The digital gaming platform Steam was quick to patch a cryptographic issue in its client recently that could have allowed an attacker to read sensitive information sent over its network, take over an account, or view plain-text passwords. Valve, the Bellevue, Wash.-based video game developer that oversees the platform, rolled out new code on its servers...

Apple iOS devices are in the crosshairs of another malware attack that has already infected an estimated six million non-jailbroken iOS devices in China, according to researchers. Palo Alto Networks found the new malware called AceDeceiver that infects iOS devices via Windows PCs and which leverages design flaws in Apple’s DRM software. So far, AceDeceiver has only impacted iOS...