The groups, all tied to the Winnti supply-chain specialist gang, were seen using the same Linux rootkit and backdoor combo.

The CISO for Indiana University Health says simple policies, good communication, and strong authentication go much further than vendor tools in solving security problems.

A security engineer and infrastructure engineer with Salesforce share lessons learned from their professional role reversal, and advice for people on both teams.

Report: Monsoon Accessorize uses an insecure version of Pulse Connect Secure VPN, exposing records of company and customer data. Read to learn more.

Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.

At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft's malicious macros protections to infect MacOS users.

An alleged hacker’s bail hearing held online via Zoom with screen sharing enabled… what could possibly go wrong?

Despite the FBI announcement, hospitals, schools, and government offices across the world still use Windows 7.

It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.

Online shopping is the most prevalent type of scam with people losing nearly $14 million to date, according to FTC data.

More training on security tools and better performance metrics can accomplish this, according to a new survey.

Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches.

Security researchers find 34 additional vendors, and 47 devices, affected by the widespread Ripple20 vulnerabilities.

Attackers that can compromise enough products such as smart ACs and heaters can tweak power demand in subtle ways for financial gain or to hurt market players, researchers at Black Hat say.

Here's how to blunt the twinned forces of shadow IT and counterfeit apps and keep your data safe.

Omdia Cybersecurity Accelerator analyst Eric Parizo describes the value overwhelmed security managers may find in a SPIF.

The fine is part of a series of steps required by the Office of the Comptroller of the Currency.

Nick Gregory, research scientist at Capsule8, talks about his session with Capsule8 data scientist Harini Kannan, Uncommon Sense: Detecting Exploits With Novel Hardware Performance Counters and Machine Learning Magic.