Microsoft is bringing virtualization to its Edge browser with a security tool called Windows Defender Application Guard. The technology, announced this week at Microsoft’s 2016 Ignite conference in Atlanta, takes a virtualization-based approach to isolating browser-based attacks from the internet. Windows Defender Application Guard will be exclusive to enterprise versions of Windows 10 and will...

A German privacy regulator issued an order this week prohibiting Facebook to stop collecting user data on German WhatsApp users.

Mozilla has proposed banning new SHA-1 certificates from Chinese Certificate Authority WoSign for one year after it accused the CA of back-dating the deprecated certs.

Facebook finished porting its SQL-powered detection tool, osquery, to Windows this week.

Google released CSP Evaluator and CSP Mitigator to aid developers in building better Content Security Policy protections for web applications.

APT gang Sofacy is targeting Mac OS X users with a Trojan that allows an attacker to execute remote commands on infected systems.

Crypto company Venafi points out potential holes in Yahoo’s processes and policies around cryptography and digital certificates, any of which could have been exploited in the breach to move data off the Yahoo network.

Researchers have identified a new ransomware strain that spoofs tracking services via spam messages and contain URLs that link to malicious files.

Yahoo confirmed that in 2014 state-sponsored hackers stole information associated with 500 million accounts from its network.

Three vulnerabilities were patched Wednesday in the Drupal content management system’s core engine, two of which were rated critical.