The Holmium threat group has been using password spraying attacks against Office 365 to gain access to corporate networks.
Hundreds of millions of embedded and enterprise devices are vulnerable to a long list of flaws in the Treck TCP/IP stack.
Attackers launched a massive distributed denial-of-service against a specific website hosted by a hosting provider in early June. Not only was the 1.44 terabit-per-second DDoS attack the largest Akamai has seen to date, it was also one of the most complex to resolve.
Malware and phishing campaigns preying on interest in the COVID-19 crisis have spiked but are now falling off in many places.
Intel's new Control-Flow Enforcement Technology will be built into its forthcoming Tiger Lake processors and integrated with Windows 10.
As the original root certificates begin to expire, more and more networked devices, including smart devices and internet of things, will stop working. They won't be able to connect online to services unless they are updated, and that is easier said than done.
The FBI is warning of a potential spike in mobile banking app attacks resulting from a drop in the number of people visiting physical bank branches.
Microsoft fixed a critical remote code execution flaw in the SMBv1 protocol in many of the current Windows versions.
Billions of network-connected devices, such as printers, routers, smart TVs, and video game consoles, are open to attack via the CallStranger vulnerability in the Universal Plug and Play (UPnP) protocol.
Protecting data while in use is a challenge. IBM released an open source toolkit to help developers implement fully homomorphic encryption in their applciations.
People enrolled in Google's Advanced Protection Program can now use hardware keys that support WebAuthn with their iOS devices.
Hundreds of thousands of Exchange servers are still vulnerable to a dangerous flaw (CVE-2020-0688) four months after Microsoft released a patch for it.
New data shows that hundreds of thousands of Exim servers are still running versions vulnerable to flaws disclosed and patched last year.
Apple has patched, for the second time, a vulnerability in the iOS kernel that has been used in jailbreak tools.
The Sandworm team, associated with the Russian GRU, is exploiting a flaw in the Exim mail transfer agent, the NSA warned in a new advisory.