This new "evil maid" security vulnerability exposes Windows PCs to physical hacking risk.

The private information of some 4.5 million Israeli citizens, including biometric facial features, stored in the Transportation Ministry database for drivers licenses and a private database for smart biometric bus cards, is not getting the highest-level encryption and security to prevent data breaches or exploit attempts, found a report by the State Comptroller, writes the Jerusalem Post.

Fingerprint-based authentication is fine for most people, but it's hardly foolproof.

A new device, called Paranoid, is here to prevent your smart speaker from listening when it shouldn't, making Alexa and Google Assistant devices a little safer.

Apple paid out $75,000 to a hacker for identifying multiple zero-day vulnerabilities in its software, some of which could be used to hijack the camera on a MacBook or an iPhone, according to Forbes.

Meetings on ZOOM, the increasingly popular video conferencing service, are encrypted using an algorithm with serious, well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America, according to researchers at the University of Toronto.

Over the past few years, owners of cars with keyless start systems have learned to worry about so-called relay attacks, in which hackers exploit radio-enabled keys to steal vehicles without leaving a trace. Now it turns out that many millions of other cars that use chip-enabled mechanical keys are also vulnerable to high-tech theft. A few cryptographic flaws combined with a little old-fashioned hot-wiring—or even a well-placed screwdriver—lets hackers clone those keys and drive away in seconds.

There's a good chance many devices will never receive the patch.

ElectionGuard isn't designed to make voting machines safe from hackers. It's meant to make hacking them pointless.

This demanded a cross-industry summit—so now medical, security pros attend CyberMed.

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property.

Those with the most to lose don’t always safeguard their privacy very well. You can do better.

An alarming test carried out by Princeton shows that the five largest US carriers fail to properly protect their customers against so-called SIM-swap attacks. They were able to persuade the carriers to assign phone numbers to new SIMs without successfully answering any of the standard security questions. Once a phone number has been reassigned to a SIM in the possession of an attacker, they can reset passwords even on accounts protected by two-factor authentication (2FA)…

It's been a rough 10 years in cybersecurity—and it's only getting worse.

But, there is one thing that Hayden and I agree on: putting backdoors into encryption is a horrible, dreadful, terrible idea. He makes two great points. First, backdooring encryption will make Americans much less safe. Second: backdooring encryption won't even help law enforcement do what it thinks it wants to do with backdoors.

Company security analyst sent session cookie allowing account take-over.

80 percent of breaches are the result of stolen passwords, usually the result of social engineering or phishing attacks.

When you buy an Android smartphone, it’s rarely pure Android. Manufacturers squeeze in their own apps or give it a fresh coat of interface. Carriers do it too. The resulting stew of preinstalled software and vanilla Android sometimes turns out to be rancid, putting flaws and vulnerabilities on the phone before you even take it out of the box. For proof of how bad it is, look no further than the 146 vulnerabilities—across 29 Android smartphone makers—that have just been simultaneously revealed.

Researchers have identified 11 new vulnerabilities in 5G—with time running out to fix them.

With its cheap geothermal energy and low crime rate, Iceland has become the world’s leading miner of digital currency. Then the crypto-crooks showed up.