SecurityWeek

Most businesses lack insight into the actual value of critical data assets that are targeted by cybercriminals, a recent report from security consultant IRM reveals.

Mac users can be exposed to malware and applications that engage in other types of nefarious behavior just as Windows users are, the latest development in the OSX.Pirrit adware reveals.

In my previous contributions I covered authentication and authorization in Hadoop. This time I will be covering Audit, the third of the three AAAs of Information Security.  Audit and monitoring are critical to data security.

A recently discovered Mac OS X backdoor that masquerades as a document converter can provide attackers with full control over a compromised system, Bitdefender security researchers say.

Darktrace, a cybersecurity startup that leverages machine learning and mathematics to detect threats, announced on Wednesday that it has raised $65 million from a group of investors led by private equity firm KKR.

The Role of Attribution in Developing Cybersecurity Norms of Behavior

A third-party keyboard application for Android that had over 50 million installs was found to collect user data and send it to a remote server, Pentest Limited researchers reveal.

New Public-Private Partnership on Cybersecurity is Expected to Trigger €1.8 Billion of Investment by 2020

Researchers at security firm ESET have come across a malicious toolkit used by threat actors in cyber espionage operations targeting government organizations in Central and Eastern Europe.

It was a great time at the Gartner Security & Risk Management Summit last month in National Harbor, MD. Good to see old friends and make new ones.

One of the features that Microsoft will debut in the upcoming Windows 10 Anniversary Update, is Windows Information Protection (WIP), a feature meant to keep user’s information safe even when data leaks occur.

Satana, a new ransomware family that emerged in the past week, has copied some of its functionality from Petya and Mischa, two connected crypto-lockers observed over the past several months.

China-Based Hackers Compromise 85 Million Android Devices

An Office vulnerability patched by Microsoft more than four years ago continues to be exploited in many attacks where malicious actors attempt to deliver malware using specially crafted documents.

Google has patched several vulnerabilities in Caja that could have been exploited for cross-site scripting (XSS) attacks on the Google Docs and Developers domains.

Zepto, supposedly a variant of the well-known Locky ransomware, was recently spotted in a distribution campaign that involved over 100,000 spam messages, Cisco Talos security researchers warn.

Most Android Devices Susceptible to Full Device Encryption Bypass

A researcher has discovered several vulnerabilities in Sierra Wireless industrial gateways, but the vendor will not address the issues because the products are approaching end of life.

A researcher has discovered a zero-day firmware vulnerability that can be exploited by malicious hackers to disable security features on Lenovo, HP and likely other PCs.