Research shows that attackers can bypass fingerprint sensors on some devices with as high as an 80 percent success rate.
An attacker is exploiting open Docker API ports to gain a foothold and install a piece of malware called Kinsing that tries to mine Bitcoin.
A security vulnerability in Microsoft Exchange that was fixed in February is still unpatched on hundreds of thousands of Exchange servers.
Attackers are exploiting two use-after-free bugs in Firefox and Mozilla has released emergency patches for the vulnerabilities.
We've put together a list of security and privacy related book recommendations from people across the industry, from technical manuals to histories to cyberpunk fiction.
The prolific Magecart group continues to evolve its attack techniques as it uses new skimmer code to steal payment card numbers from the websites of small- and medium-sized businesses, RiskIQ researchers found.
An attacker based in China has been compromising thousands of MS-SQL servers for nearly two years.
As the first state with with a law regulating how government agencies can use facial recognition software, Washington provides other states with a blueprint on how—and how not to—tackle the security and privacy questions around the technology.
The Cloudflare Warp security service is now available in beta for Windows and macOS, a year after the app became available for iOS and Android.
Rich Mogull, CEO of Securosis and a longtime paramedic and disaster medic, joins Dennis Fisher to discuss the mindsets required to prepare for and respond to both physical disasters and security incidents.
Marriott says 5.2 million customers may be affected by a new data breach disclosed today.
The WireGuard VPN is now a default part of the Linux 5.6 kernel.
California is expected to begin enforcing its new consumer privacy law starting July 1, but the Electronic Frontier Foundation is concerned about all the loopholes that still remain.
Google's Threat Analysis Group discovered one attacker exploiting five separate zero days in several applications last year, a highly unusual attack pattern.
Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.