A security vulnerability discovered and patched 10 years ago has remained unaddressed in various Avaya phones until recently, McAfee security researchers have discovered.

A vulnerability (CVE-2019-11247) in the Kubernetes container orchestration system could allow users to read, modify or delete cluster-wide custom resources.

Chrome 76 closed a loophole that allowed sites to detect when the Incognito Mode was being used, but a bypass for it has already been discovered.

Hackers linked to the Russian government are using IoT devices as points of ingress to establish a presence on corporate networks.

Less than a fifth of professionals who responded to a recent poll say they are very confident in their ability to secure Internet of Things (IoT) and Industrial IoT (IIoT) devices.

A variant of the Mirai Internet of Things (IoT) malware is using a command and control (C&C) server on the Tor network, Trend Micro’s security researchers have discovered.

Attackers are targeting the United States Utilities Sector with LookBack Malware and using phishing attacks impersonating engineering licensing boards to compromise targets.

Cybercriminals managed to divert $2.5 million in a business email compromise (BEC) scam targeting Cabarrus County, North Carolina. $1.7 million remains missing.

Security researchers from industrial cybersecurity firm Dragos have identified a new threat actor targeting industrial control systems (ICS) related entities in the oil and gas and telecommunications sectors.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple vulnerabilities access control systems made by Prima Systems.

Security researchers working with Google’s Project Zero have discovered a series of five vulnerabilities in Apple’s iOS platform, some of which can be exploited without user interaction.