The more things change, the more they stay the same. That's true for software security, even in these turbulent times.

Cisco has fixed 12 high-severity flaws in its Adaptive Security Appliance software and Firepower Threat Defense software.

The new macOS remote access Trojan from the Lazarus Group uses a two-factor authentication app as its delivery mechanism.

Protecting your Linux servers against SYN attacks and IP spoofing isn't nearly as hard you think. Jack Wallen shows you how.

The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote code execution before moving laterally through the enterprise.

Passwords are on their way out, says Joy Chik, who offers guidance for businesses hoping to shift away from them.

With grocery delivery in higher demand than ever, new add-ons have emerged to secure slots for consumers, presenting a new pathway for bad bots to wreak havoc.

Malware, spies and hackers, plus erosion and sharks, threaten fiber-optics that transmit almost all the world's data

Google deleted more malicious extensions from the Chrome Web Store after they were found to be phishing cryptocurrency users.

If you enjoy what you read, hear and see from the Naked Security team, please vote for us – it means a lot!

Companies are looking to "shift left" with Infrastructure-as-Code (IaC) security capabilities to improve developer productivity, avoid misconfigurations and prevent policy violations.

DevSecOps is a big and sometimes difficult shift for organizations. The key to success? Take small steps.

Malware, spies, and hackers, plus erosion and sharks, pose huge risks to the fiber optics that transmit almost all the world's data.

The Shiny Hunters hacking group said it stole 500 GB of data from the tech giant’s repositories on the developer platform, which it owns.

The emails, hashed passwords and usernames of 3.5 million users of the dating app MobiFriends were put up for sale on an underground forum.