SecurityWeek

A majority of election administrators in the United States have yet to implement cybersecurity controls designed to provide protection against phishing attacks, a new Area 1 Security report reveals.

North Korean-linked threat actor Lazarus has been employing at least four new Mac-targeting malware families in recent attacks, SentinelOne security researchers reveal.

Source code belonging to tens of companies, including several major organizations, has been leaked online after it was found on unprotected DevOps infrastructure.

In a joint alert this week, the United States and the United Kingdom warned that a piece of malware has infected over 62,000 QNAP network-attached storage (NAS) devices.

Facebook on Monday said it is asking EU courts to review "exceptionally broad" requests by antitrust regulators there that would scoop up employees' personal information.

Over the past several days, a hacker managed to replace the payloads typically delivered by the Emotet Trojan with GIF images.

Computer networks of the smartwatch and electronics firm Garmin were coming back online Monday, the company said, after an outage widely believed to have been due to a ransomware attack.

The creators of the Mooltipass hardware password manager have unveiled the Mooltipass Mini BLE, a Bluetooth-enabled version of the device that includes many new and useful features.

Digital banking service Dave announced over the weekend that user data was compromised in a third-party security incident.

The Federal Bureau of Investigation has issued an alert to inform organizations in the United States of the risk associated with the use of Chinese tax software.

Australia’s consumer watchdog launched court action against Google on Monday alleging the technology giant misled account holders about its use of their personal data.The Australian Competition and Consumer Commission’s action in the Federal Court is the latest litigation Google has faced around the world over allegations of privacy breaches.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday to warn organizations about the risk posed by a recently patched vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC).

Microsoft announced last week that it has added scenario-based rewards to the Windows Insider Preview (WIP) Bounty Program, with a top bounty of $100,000.

US officials and scientists have begun laying the groundwork for a more secure "virtually unhackable" internet based on quantum computing technology.

Computer networks of smartwatch and electronics firm Garmin were offline Friday in an incident which raised concerns of a ransomware attack affecting both its aviation and fitness app services.

CalypsoAI, a California-based company that specializes in artificial intelligence and machine learning cybersecurity, announced this week that it has raised $13 million in a Series A funding round.

Twitter says an elected Dutch official was among 36 account holders whose direct message inboxes were accessed in a recent high-profile hack.

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology (OT) systems to cyberattacks.

Chinese drone giant Da Jiang Innovations (DJI) on Thursday responded to the disclosure of security issues discovered by researchers in one of its Android applications.

A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.