Iran-linked cyber-espionage group OilRig is making broad use of DNS tunneling across its tools portfolio, Palo Alto Networks security researchers reveal.

Oracle’s Critical Patch Update (CPU) for April 2019 fixes nearly 300 vulnerabilities, including many that can be exploited remotely without authentication.

A new variant of the HawkEye keylogger/information stealer is being leveraged in ongoing malware distribution campaigns.

Hackers breached Microsoft email services (Outlook.com, Hotmail, MSN) and accessed user accounts after compromising a support agent’s credentials.

Facebook and Google have wrapped up the first edition of their BountyCon Asia-Pacific bug hunting conference, which resulted in $120,000 awarded in bounties.

Google this week announced a series of tools meant to increase the overall security of Google Cloud and improve customer trust in the service.

The DHS and FBI have attributed a new Trojan they track as HOPLIGHT to a notorious threat group believed to be backed by the North Korean government.

Researchers discover a sophisticated APT, named TajMahal, that can steal data from CDs, thumb drives and even printer queues.

SAP this week released 6 Security Notes as part of its April 2019 Security Patch Day, including two that address High severity flaws in Crystal Reports and NetWeaver.

The Flame platform was believed dead following public exposure in 2012, but recently discovered evidence suggests that it remained alive, albeit very well hidden, security researchers at Alphabet-owned Chronicle reveal.

The National Security Agency (NSA) has made the source code for its reverse engineering tool available to the public.