AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.
Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, speaks with reporter Danielle Walker on social engineering ruses targeting wildcard certificates.
In the "CyberRx" exercise, many organizations expressed concerns about communicating threat information to integral team members outside IT.
Security firm Mandiant detailed the heartbleed exploit, which was used on one of its clients.
A Dutch minister of justice will decide where Vladimir Drinkman will land to face charges related to his involvement in the cyber crime collective responsible for the Heartland Payment breach.
The threat, dubbed "Unflod Baby Panda," was discovered by Reddit users and analyzed by researchers at the German-based security firm, SektionEins.
According to the U.S. Government Accountability Office (GAO), SEC, among other lapses, failed to adequately oversee a contractor, which migrated its financial system to a new data center.
Critical security issues that leave satellite communications vulnerable to being intercepted, manipulated or blocked were detailed in a white paper.
London-based CNS Hut3 warns that flaws in many Heartbleed detection tools could give companies a "false sense of security."
The permissions issue could allow a malicious app to alter legitimate home screen icons.
Roel Schouwenberg, principal security researcher at Kaspersky Lab, speaks with SC Magazine on why new approaches have been employed to go after the same means.
A Twitter account attempting to mask itself as part of an EA Sports official support team sent video game players a malicious link that could have handed over hundreds of logins.
This week, critical infrastructure operators were notified of potential threats arising from the critical OpenSSL flaw.
An incident response firm found that 93 percent of phishing emails were sent out on weekdays, with the most popular day being Wednesday.
A vulnerability in Google Chrome can allow an attacker to stealthily listen in on someone, even if microphone access is blocked.
The Heartbleed Bug is a critical OpenSSL flaw said to leave online information, including payment card data, vulnerable to being exposed.
Rogue Android apps can steal authentication tokens and risk the accounts of some of the most widely used services, including Google, Facebook and Twitter.
Jamie Dimon wrote that the bank will have spent more than $250 million annually by the end of the year on cyber security and faces increasingly complex and more dangerous" attacks.
Efforts are now reportedly underway in Iowa and North Carolina as part of a multistate probe.
Orbit Open Ad Server was vulnerable to SQL injection attacks, which could result in website visitors' information being stolen via malvertising, a security firm found.
This month's Patch Tuesday marks the end of support for the dated, but widely used, products.
Anti-virus company Comodo has identified a variant of the infamous Zeus trojan that is avoiding detection by using a valid digital signature.
The breach struck Experian subsidiary, Court Ventures, and compromised the personal and financial data of more than 200 million Americans.
The company also revealed that a zero-day flaw in Word 2010 will be patched next week.
The Federal Financial Institutions Examination Council (FFIEC) notified the industry on Wednesday.
More than 24 million home routers have open DNS proxies that enable DNS-based DDoS attacks, and 5.3 million of the devices were used to generate attack traffic in February, according to Nominum.
Some advice from pros for keeping your infrastructure out of the snares of a botnet. Alan Earls reports.
Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.
This month's news briefs includ revelations at the RSA Conference 2014 in San Francisco, new malware, zero-day fixes and more security news.
A researcher at Black Hat Asia highlighted security issues affecting Tesla Model S cars.