Hackers are luring unsuspecting users with a fake Windows 11 upgrade that comes with malware that steals browser data and cryptocurrency wallets.

After years of tantalizing hints that a passwordless future is just around the corner, you're probably still not feeling any closer to that digital unshackling. Ten years into working on the issue, though, the FIDO Alliance, an industry association that specifically works on secure authentication, thinks it has finally identified the missing piece of the puzzle.

Cupertino based tech giant Apple has released macOS 11.6.4 update to macOS Big Sur that contains security fixes, as well as a macOS Catalina Security Update. According to Apple's release notes for the update, macOS Big Sur 11.6.4 "improves the security of macOS" and is recommended for all users.

The defense agency said it was not responding to any specific threats but acting as a general precaution that conflict with Russia could lead to cyberattacks.

Federal and state governments are turning to a facial recognition company to ensure that people accessing services are who they say they are. The move promises to cut down on fraud, but at what cost?

Observers worry how much information ID.me collects and how willing the company seems to be to share it with authorities when asked.

Samsung has revealed what it calls the "industry's first" all-in-one fingerprint security chip (IC) for payment cards. The S3B512C chip reads biometric information via a fingerprint sensor, stores and authenticates data with a tamper-proof secure element (SE) and analyzes it with a secure processor. While primarily designed for payment cards, it could also be used for "student or employee identification, membership or building access," the company said.

Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update.

China’s cyberspace regulator said it will implement new rules from February 15 that require platform companies with data for more than one million users to undergo a security review before listing their shares overseas.

A Chinese man has been jailed for lifting her sleeping ex-girlfriend’s eyelids to unlock her phone, so he could steal money from her digital wallet. The man in the southern city of Nanning, surnamed Huang, was recently sentenced to 3.6 years in prison and fined 20,000 ($3,100) for stealing about 154,000 Chinese yuan ($24,200) from his ex-girlfriend’s mobile payment account, according to Nanning Evening News.

Pegasus spyware maker NSO Group is reportedly running out of cash following actions by both the US government and Apple. This has led the company to explore options to put itself up for sale. Two US funds have expressed an interest, claiming that they would change the company’s mission from offensive to defensive, though skepticism has been expressed about this...

A VULNERABILITY IN the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the world's most popular applications and services to attack, and the outlook hasn't improved since the vulnerability came to light on Thursday. If anything, it's now excruciatingly clear that Log4Shell will continue to wreak havoc across the internet for years to come.

Ethical hackers discovered the names, addresses, social security numbers and tax information for more than 30,000 healthcare workers in a database run by Gale Healthcare Solutions.

A recently discovered FBI training document shows that US law enforcement can gain limited access to the content of encrypted messages from secure messaging services like iMessage, Line, and WhatsApp, but not to messages sent via Signal, Telegram, Threema, Viber, WeChat, or Wickr.

Amid a heightened amount of scrutiny and tension surrounding the App Store and how users download and install apps on the iPhone, Apple CEO Tim Cook said today that customers who wish to sideload apps should consider purchasing an Android device as the experience offered by the ‌iPhone‌ maximizes their security and privacy.

Lupovis, a cybersecurity spin-out from the University of Strathclyde, has secured a pre-seed investment of over €700k from a syndicate co-led by Techstart Ventures and Nauta Capital, and investment form the University of Strathclyde itself.

UK government will see the introduction of comprehensive rules to prevent online harms to children, including biometrics-based age checks.

Ruling says email services not subject to data retention rules.

A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons.

Why would people continue to use methods known to be insecure? It's mostly a matter of their widespread use and inertia.