Web shell attacks have been on the rise in recent months, as many APT groups employ them against enterprises.
While FCC chairman Ajit Pai said at least one wireless carrier sold location data in violation of federal law, it is far from clear whether the offending entity will face any penalties.
A flaw in the sudo utility could allow a local user to gain root privileges if the pwfeedback option is enabled.
A proposal that would standardize the format of SMS messages being used in two-factor authentication schemes has a simple goal: make users relying on those one-time passcodes less susceptible to phishing attacks.
A proposed bill by Sen. Lindsey Graham to prevent online child exploitation imagery could have a disastrous effect on end-to-end encryption.
Attackers can exploit vulnerabilities in how laptops use memory to force the machine to execute unauthorized code while it is booting up, giving them unauthorized privileges and access to information, researchers said.
Disinformation campaigns and cyber operations are intersecting more and more often, as actors become more sophisticated in their use of both tactics in their operations.
Google and Mozilla over the past few weeks have taken steps to remove problematic extensions and add-ons that steal user data and execute remote code.
Researchers have identified yet another speculative execution attack method against Intel processors.
Improving online privacy for users will require a mix of technical, legislative, and regulatory approaches.
If the US government moves to weaken strong encryption, it could have severe consequences for users around the world, experts say.
Three people arrested in Indonesia for using web skimmers to steal payment card details from websites may be linked to one of the groups operating under the Magecart umbrella.
Citrix has released patches for the CVE-2019-19781 vulnerability in its ADC and Gateway appliances.
A recent Emotet malware campaign is homing in on victims in the military and government sectors.
A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states' abilities to respond to cyberattacks.