Recent phishing campaigns uncovered by Microsoft are using custom 404 error pages and search result poisoning to fool victims.
The measure of a bug bounty program's success is not how much researchers were paid, but how the organization handled the volume of new reports. GitLab's James Ritchey share some of the lessons learned in the company's first year of the public bug bounty program.
Mozilla will soon require add-on developers to enable 2FA for their accounts in an effort to defeat supply chain attacks.
Microsoft patched CVE-2019-1458 in Windows, a privilege escalation bug that is being used in active attacks.
Maze ransomware, which infected Pensacola, Florida, exfiltrates the data to a remote server before encrypting the local copies in order to force victims to pay the ransom. The group threatens to publicly release the files if the victims don't pay.