A vulnerability in several versions of BIND 9 can allow an attacker to knock vulnerable name servers offline.
Data of more than 150,000 to 200,000 patient were exposed in at least nine GitHub repositories—the result of improper access controls and hardcoded credentials in source code, according to a DataBreaches.net.
Irish privacy regulators are still working with other European Union data protection authorities to hammer out the final decision of its GDPR case against Twitter over a 2018 security incident.
A group of academic researchers have developed practical attacks targeting two widely used end-to-end encryption schemes for email, which could lead to man-in-the-middle decryption attacks and exfiltration of private keys.
The EmoCrash exploit took advantage of a flaw in the Emotet trojan's code to help defenders stop the malware for more than six months.
TeamTNT, a crypto-mining botnet, is stealing Amazon Web Services credentials from infected Docker and Kubernetes servers.
Dennis Fisher is joined by Jennifer Leggio, CMO of Claroty, to talk about her career path from journalist to executive and the challenges of learning the intricacies of security in OT environments.
A vulnerability in Apache Struts (CVE-2019-0230) can lead to remote code execution in some circumstances.
The NSA and FBI have exposed a previously unknown malware tool called Drovorub that the agencies say has been deployed by APT28.
The United States is trying to hammer out another data transfer agreement with the European Union after the EU Court of Justice struck down the EU-US Privacy Shield framework last month for “inadequate” privacy protections.
Microsoft on Tuesday patched flaws in Internet Explorer an Windows that have been used in active attacks.
Google has finished its rollout of the changes to the SameSite cookie in its Chrome web browser. Site owners need to explicitly label third-party cookies with `SameSite=None; Secure` in order to use them on other sites.
Amazon has patched five vulnerabilities in its AWS Encryption Client, including a CBC padding oracle flaw.
Facebook has open-sourced Python Static Analyzer, an internally-developed static code analyzer for finding and fixing flaws in Python code. Pysa analyzes how data flows through the application to identify security issues that result when data winds up in an area of the application is shouldn't be able to reach.