If the US government moves to weaken strong encryption, it could have severe consequences for users around the world, experts say.
Citrix has released patches for the CVE-2019-19781 vulnerability in its ADC and Gateway appliances.
A recent Emotet malware campaign is homing in on victims in the military and government sectors.
A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states' abilities to respond to cyberattacks.
Citrix and FireEye Mandiant have released a scanner that can detect some indicators of compromise related to the CVE-2019-19781 vulnerability.
A new Internet Explorer vulnerability (CVE-2020-0674) is being used in targeted attacks and Microsoft does not have a patch available right now.
The latest investigation by Trend Micro Research observed multiple instances of fraud and ransomware attacks on networks with industrial control systems. For these organizations, sophisticated malware like Stuxnet and Triton aren't their biggest headaches.
Kenn White joins Dennis Fisher to discuss the details of the CVE-2020-0601 Windows crypto vulnerability that the NSA disclosed to Microsoft.
Kubernetes has launched a public bug bounty program with support from Google.
Exploits for the CVE-2019-19781 Citrix ADC vulnerability are available on GitHub while patches are still a week away.
Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.
Multiple business groups have pushed back on the Department of Commerce's proposed supply chain rules on information and communications technology supply chain security due to vague language and undefined scope.
The encryption debate is as old as the Internet, and Jennifer Granick warns that giving ground now could have serious long-term effects.
Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.
Mozilla has released an emergency fix for a vulnerability in Firefox that attackers are actively exploiting.