Latest News

Hundreds of mobile applications that use the Twilio SDK or REST API include hardcoded credentials that could be abused to access millions of calls and text messages, researchers warned on Thursday.

Several recent cyber attacks have successfully targeted organizations that should be poster children for security hygiene. Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?

Poland on Wednesday agreed to test a cybersecurity pilot program for the aviation sector as Europe's EASA civil aviation authority tackles the potential threats posed by hackers to air traffic.

A former U.S. Secret Service agent already convicted for stealing bitcoins from the now-defunct underground marketplace Silk Road has been handed another prison sentence for the theft of digital currency from the government, the Department of Justice announced this week.

The cyber espionage group known as "Tick" is using steganography to conceal their backdoor Trojan better, according to analysis from security firm Trend Micro.

Survey Finds That DevOps Often Improves IT Efficiency While Weakening IT Security

A Google researcher has found a significant number of vulnerabilities in the Linux kernel USB subsystem using the Syzkaller fuzzer.

Over a decade ago, as the digital economy was getting its legs, data loss prevention (DLP) technology was seen as the savior for companies fearing exposure of sensitive internal and customer data.  In the intervening years, DLP has gone from hero to goat and back again. 

Amazon announced this week that it has added five new security and encryption features to its Simple Storage Service (S3), including one that alerts users of publicly accessible buckets.

A recently disclosed crypto-related vulnerability affecting some Infineon chips can be exploited in a shorter amount of time than initially believed, researchers demonstrated.

The Russia-linked cyber espionage group tracked as APT28 and Fancy Bear has started delivering malware to targeted users by leveraging a recently disclosed technique involving Microsoft Office documents and a Windows feature called Dynamic Data Exchange (DDE).

A cyberespionage group that has been active since at least early-2015 has been targeting organizations in South America and Southeast Asia, while focusing mainly on foreign policy institutions and diplomatic targets, Symantec reports.

Despite Continious Warnings, Organizations Fail to Protect Privileged Accounts

The United States Department of Homeland Security’s US-CERT has issued an alert to warn on cryptographic weaknesses impacting the IEEE P1735 standard, which describes methods for encrypting electronic-design intellectual property and the management of access rights for such IP.

Estonia said Tuesday it had arrested a suspected Russian spy allegedly plotting a cyber-crime, in the latest incident to strain relations between the small Baltic state and the Kremlin.