The City of Johannesburg was hit with a ransomware attack that has compromised many of its municipal services.
In the rush to fix newer vulnerabilities, the older ones are left unaddressed. The resulting security debt increases the organization's risk of a breach, Veracode warned.
A new version of the Gustuff Android banking trojan has emerged, this time with new communications capabilities and more credential-theft features.
Researchers have linked the Magecart group known for its supply-chain attacks to Cabanak, an advanced threat group.
The FTC action against a developer of "stalking" apps emphasized that installing an app that hid its presence on the device and didn't notify the user what it was doing was against the law.
In Firefox 70, Mozilla has added the ability to block trackers from Facebook, Twitter, and other social networks, as well as other new privacy enhancements.
Microsoft's Secured-core PC initiative is a partnership with OEM partners (including HP and Dell), silicon vendors (such as Intel, AMD, and Qualcomm) to provide deeply integrated hardware, firmware and software that can withstand firmware-based attacks.
Investigations by the NSA and Uk's NCSC found that the Russian Turla attack group was using compromised C2 infrastructure and tools belonging to an Iranian APT group in several operations.
James Plouffe, a former technical adviser for Mr. Robot, joins Dennis Fisher to talk about the show's cultural legacy.
Sen. Ron Wyden has introduced a new privacy measure that would allow the FTC to assess huge fines for corporations that misuse consumer data--and mean jail time for executives who lie about their companies' policies.
Flashpoint analysts look at Dark Web marketplaces and see that prices have not changed all that much in two years.
Arm is bringing custom instructions to its Cortex-M processors. The overall security of these processors will depend on how these instructions are actually implemented.
A flaw in the way Go handles some invalid HTTP headers could allow an attacker to authenticate as any user on a Kubernetes server in some instances.
Kenneth White of MongoDB joins Dennis Fisher to discuss the challenges of encryption implementations in modern enterprise networks.
Some of the biggest names in security have banded together for a new industry initiative to make it easier for different security technologies to work together.