An unknown leaker is publishing hacking tools used by the APT34 attack group that has been linked to Iranian intelligence.
The endpoint is still the most important part of enterprise defense, but Absolute Software's analysis found that throwing more security agents at an endpoint doesn’t make the system more secure.
Dennis Fisher talks with Craig Williams of Cisco Talos about the Sea Turtle DNS-hijacking campaigns.
A group of attackers has been running a DNS hijacking campaign known as Sea Turtle that targets energy, intelligence, and military organizations.
Security professionals struggling with securely configuring Windows 10 devices can look at Microsoft's new security configuration framework.
Wordfence researchers are "confident" the same actor is responsible for a wave of attacks that have hit thousands of WordPress sites over the past month by targeting vulnerabilities in WordPress plugins.
Google has turned on support for the MTA-STS security standard in Gmail, providing better transport security for domain owners.
Supply chain attacks are scary, but there are plenty of other hardware-based issues organizations should be worrying about before they have to panic about the complex malicious implants in their servers.
Researchers have uncovered a new version of the Mirai malware that targets several different processor architectures, including OpenRISC.
Mobile payments are very popular in African companies and SIM card fraud is a massive problem. At the Kaspersky Security Analyst Summit, CERT Mozambique discussed how the banks and mobile operators worked together to ensure thieves didn't loot customer accounts just by stealing phone number.
Amazon CloudFront now requires domain owners to have an SSL certificate for alternate domain names to help prove ownership.
The Android security team was busy battling the Chamois malware family on Google Play starting in 2016. Android security engineer Maddie Stone outlined the steps Google has taken to reduce the number of devices infected with this technically complex malware.
Criminals can buy digital fingerprints such as user behavior, cookies, and device information on the Genesis marketplace to fool banks' anti-fraud systems and conduct credit card fraud.
Mac security researcher Patrick Wardle joins Dennis Fisher to discuss his research and Mac malware.
Apache has fixed a root privilege escalation vulnerability in its popular web server software, which runs on millions of servers.