New Verizon report shows a big gap between organisations' mobile security risk concerns and mobile security best practices they implement.
Stories by Lucian Constantin
If you are running an older version of Elasticsearch, make sure you've patched its known vulnerabilities or consider upgrading.
The decade-old Qbot financial malware has resurfaced with an improved version in a new attack that has infected thousands of systems so far.
Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.
WootCloud researchers discover an internet of things botnet based on Mirai that exploits Polycom video conferencing systems. Polycom has issued an advisory and best practices for mitigating the risk.
New report from Risk Based Security shows a downward trend in number breaches and exposed records, Unclear if privacy regulations like GDPR are having an effect.
Microsoft has removed eight applications from its app store for Windows that were mining Monero crypto-currency without users' knowledge.
A group of hackers that previously leaked alleged NSA exploits claims to have even more attack tools, as well as intelligence gathered by the agency on foreign banks and ballistic missile programs.
As the WannaCry ransomware attack evolves, more cybercriminals are likely to attempt to profit from the vulnerability it exploits and similar flaws in the future.
In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.
Attackers behind the highly successful Locky and Bart ransomware campaigns have returned with a new creation: A malicious file-encrypting program called Jaff that asks victims for payments of around $3,700
Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router settings.
The Tuesday updates for Internet Explorer and Microsoft Edge forces those browsers to flag SSL/TLS certificates signed with the ageing SHA-1 hashing function as insecure.
Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including three flaws that have already been exploited in targeted attacks by cyberespionage groups.
Microsoft released an update for the malware scanning engine bundled with most of its Windows security products to fix a highly critical vulnerability that could allow attackers to hack computers.