Apple Inc. has issued a security update for macOS High Sierra that patches a severe vulnerability identified in September that allows unsigned apps to capture plain-text passwords from the Mac keychain. The High Sierra 10.13 Supplemental Update actually fixes two security issues, the previously discovered security issue in the Mac keychain as well as a newly identified vulnerability ...

Hackers acting on behalf of the Russian government are alleged to have stolen sensitive data, including exploits, from a contractor working for the National Security Agency, according to a report published Thursday. The Wall Street Journal claimed that the hack took place in 2015 but was not discovered until spring in the following year and involved ...

A new survey has found that domain name server security is being overlooked by many enterprises, leaving them wide open to attack. The survey, commissioned by Infoblox Inc. and undertaken by Dimensional Research, polled 1,000 security and information technology professionals and found that DNS solutions were failing to alert teams of an occurring DNS attack. Nearly ...

Content delivery network provider Cloudflare Inc. has banned sites that use JavaScript code to hijack visitors for the purpose of mining cryptocurrencies, according to a report published Wednesday. TorrentFreak claimed that Cloudflare, which is “often criticized for not being harsh enough on pirate sites” is now banning websites that run cryptominers, apparently with little to no warning. The ...

HYPR Corp. has raised $8 million in a Series A round in its bid to rid the world of all these mass data breaches. Founded in 2014, HYPR offers an enterprise-focused decentralized authentication platform that ensures that personal credentials remain safe on individual devices. The platform is designed to greatly reduce the risk of a large data ...

Samsung Electronics Co. Ltd. unveiled a new Windows-powered virtual and augmented reality headset at a Microsoft Corp. event Tuesday that’s said to deliver the highest-resolution display to take “consumers to entirely new virtual limits.” Called the Samsung HMD Odyssey, the headset, claimed to be the “most immersive Windows Mixed Reality headset in the market,” comes with some impressive specs. ...

Microsoft Corp. has acquired virtual reality social platform startup AltspaceVR Inc., the companies announced today The price of the deal was not disclosed, but it’s likely to have come at a discount on the $15.7 million AltspaceVR had previously raised, given the company had ceased operations in early August thanks to financial difficulties. Founded in 2013, AltspaceVR brings two-dimensional ...

Verizon Communications Inc. has disclosed that the hack of Yahoo in August 2013 did not involve the compromise of 1 billion accounts as reported in December. Instead, it was all 3 billion Yahoo accounts, making it the largest data breach in history. The data stolen in the hack included the “names, email addresses, telephone numbers, dates of birth, hashed ...

The website for Etherparty, an initial coin offering selling tokens for a blockchain-based smart contract tool, has been hacked, as the address for sending funds to buy tokens was changed to one controlled by the hackers. The hack took place on the first day of Etherparty’s ICO, occurring 45 minutes after the Oct. 1 launch. The ...

Researchers at Google LLC have issued a warning over seven serious flaws in Dnsmasq, a Domain Name System forwarder and Dynamic Host Configuration Protocol server that is installed with Linux distributions, Android and Google’s Kubernetes container software. The longstanding flaws include three remote code execution vulnerabilities, three denial of service vulnerabilities and an information leakage issue. “We discovered seven distinct ...