Vulnerabilities/Threats

The operator behind OpenSUpdater is using a new way to sneak adware and other malware past security tools.

The cyber espionage group has a custom backdoor and has added the ProxyLogon Microsoft Exchange flaw to its toolkit.

One of the iOS vulnerabilities was discovered by Citizen Lab; the Google Threat Analysis Group reported iOS and macOS fl...

Researchers claim to have accessed hundreds of thousands of Windows credentials using a bug in the Autodiscover protocol...

A Security Champions program is a great way to enhance security maturity, reduce vulnerabilities, and make security top ...

NIST recommendations typically become part of government procurement, which means threat modeling will soon be written i...

Though many incidents stemmed from familiar security failures, they served up — or resurfaced — some important takeaways...

Researchers piece together the origins of the group that made headlines this week as the perpetrator behind a ransomware...

The UK MoD has failed to protect personally identifiable information (PII) for Afghan interpreters; the incident highlig...

A new survey from Forrester and VMware finds more than half of developers still think security gets in the way.

A new alert provides the technical details of ongoing attacks and guidance for organizations to secure systems against C...

Gone is the false perception that large enterprises, banks, and financial institutions are the only organizations under ...

Resilience is often defined as being able to withstand disruptions and rebound to a previous state. But a system's abili...

The Iowa grain cooperative took its systems offline in response to a security incident earlier this week.

Hacker-turned-entrepreneur Marc Maiffret reflects on his past few years "embedded" with enterprise security teams and ho...