The newly disclosed Simjacker attack allows a remote attacker to track a mobile device by exploiting a weakness deep within many phones.
Dennis Fisher talks with Parker Thompson of Cyber Independent Testing Lab about the group's IoT security study.
The key takeaway from the NERC report about the attack against a US electric utility isn't that companies need to be patching, but that layered defense is still the best approach for keeping systems and networks safe.
A new attack that exploits a weakness in the DDIO feature of some Intel chips can leak sensitive data, including SSH keystrokes.
A new Firefox Private Network extension provides protection on public networks.
Tanya Sam of TechSquare Labs joins Dennis Fisher to discuss her path to the Atlanta startup scene and what she's learned along the way.
A flaw in the Exim MTA software can be exploited remotely to gain root privileges.
Ransomware infections have crippled local governments in several states recently, a trend that shows no signs of abating.
Mozilla has added Enhanced Tracking Protection to Firefox to block tracking cookies in the browser by default.
Researchers have found modified versions of the Orcus and Revenge RATs being delivered through effective phishing campaigns.
Researchers from Google Project Zero uncovered a multiyear campaign that targeted iPhones with sophisticated exploit chains delivered through hacked websites.
While disinformation is getting a lot of attention in security circles, the discussion primarily tends to be in the context of election security. However, hacking social media accounts, or creating fake accounts, to post false messages about a company is absolutely a disinformation campaign.
Security firm Imperva says that API keys and SSL certificates for some of its Cloud WAF customers were exposed in a data breach.
The CVE-2019-11510 vulnerability in Pulse Secure VPN is drawing considerable attention from attackers now that an exploit is publicly available.
Encryption experts from around the world collaborated on an open letter to G7 leaders prior to the summit to not undermine encryption. The fact that the G7 leaders didn't release a statement supporting lawful access for law enforcement and intelligence agencies the way the G7 ministers did back in April is a victory of sorts.