Recent Security Stories

Compact

Standard

Grid

Windows 10 versions 1809 and newer suffer from a vulnerability that can grant system privileges to hackers. Microsoft has issued a workaround.

The United States, in concert with the EU, UK, and NATO, has formally charged China with orchestrating the attacks on Microsoft Exchange servers.

Microsoft has acknowledged the third printer-related vulnerability in Windows in the past month or so.

Microsoft announced this morning that it will acquire RiskIQ, which makes threat intelligence and attack surface management solutions.

Microsoft last night acknowledged that a newly discovered vulnerability in “all versions of Windows” is being actively exploited.

Microsoft’s “chip-to-cloud Zero Trust” security promise for Windows 11 has become instantly controversial thanks to some unpopular decisions.

Microsoft warns that the same pro-Russia hackers that carried out the SolarWinds attack last year are now targeting groups critical of Vladimir Putin.

In December, Microsoft began an investigation into a SolarWinds-based breach of its internal systems. That investigation is now complete.

With the shift to web-based computing, it is perhaps not surprising that hackers are increasingly exploiting web browsers. And there is no browser more popular than Chrome.

Microsoft Authenticator can now provide password management and autofill capabilities on mobile, so you can protect synced passwords with your Microsoft account.

Microsoft announced this morning that it has taken down a Russian botnet called Trickbot that was trying to undermine the U.S. election.

Signal is a cross-platform encrypted messaging service championed by privacy advocates. But I have some questions.

A new Microsoft blog post explains how the firm is now using virtualization-based security (VBS) to prevent data corruption attacks in Windows 10.

The Defender ATP Preview for Android can protect against phishing and unsafe network connections from apps, websites, and malicious apps.

Microsoft says attackers are exploiting a previously undisclosed vulnerability in Windows, affects Windows 10 users as well.

Cybercriminals are preying on people’s fear during the COVID-19 pandemic to steal sensitive information and spread malware for profit.

Security researchers have discovered a new security flaw on Intel CPUs that "jeopardizes" Intel's root of trust. The vulnerability is apparently unfixable and impossible for antivirus software to detect.

Smart doorbell maker Ring announced today that it will now require two-factor authentication on all accounts, improving security.

Microsoft launches new Xbox Bounty Program to reward security researchers and other users for uncovering potential security vulnerabilities on the Xbox platform.

Google has made minor but crucial changes to its security disclosure policy after years of complaints from rivals.

Samsung starts rolling out fix for critical fingerprint issue that allowed anyone to unlock your phone with the help of cheap screen protectors.

I was a bit surprised by how willing the tech press was to believe that Google’s Pixel 4 Face Unlock is somehow as secure as Face ID.

Yubico today announced the latest addition to its family of multi-protocol security keys, the Yubikey 5Ci.

Over a year after the Meltdown and Spectre security flaws ravaged the PC industry, Intel has revealed a new, even more serious set of vulnerabilities.

It’s a stunning admission by Microsoft that raises more questions that it does answers questions.

Microsoft announced this week that it was granted a court order giving it control of 99 websites tied to an Iranian hacker group.

Google has released a new Chrome extension that will help you protect your accounts from third-party data breaches.