'FritzFrog' is fileless, uses its own proprietary P2P implementation, and has breached at least 500 servers so far, Guardicore says.

The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally.

A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.

There are new issues organizations should consider as work from home continues with no end in sight. One expert offers ideas to secure your widening perimeter.

As part of a continuous testing approach, fuzzing has evolved to provide in-depth code checks for unknown vulnerabilities before deployment.

Experts from the DEF CON Career Hacking Village explain how job seekers can build a resume and rock an interview.

A low-privileged process on a vulnerable machine could allow data harvesting and DoS.

Cisco has issued a fix for a critical flaw in its Virtual Wide Area Application Services (vWAAS), software for optimizing WAN on virtual private cloud infrastructure.

Law would require companies to obtain written consent for biometric data collection and allow people to sue firms that violate its terms

Banks have hesitated to adopt many strong security practices, and for understandable reasons. But now is the time to be bold.

The U.S. election in November is once again expected to be a target of digital adversaries. Experts at Black Hat USA 2020 highlighted the many election security questions authorities must address.

A push to provide public cloud services with production-ready confidential computing capabilities able to protect data, applications, and processes.

Security vendor Fortinet found several important similarities between how enterprises responded, and how they plan to adapt, to a future of remote work.

Cybercriminals have adapted by exploiting improperly secured VPNs, cloud-based services, and business email, says Malwarebytes.

The unscheduled security update addresses two "important"-severity flaws in Windows 8.1 and Windows Server 2012.

The group has added a management console and a USB worming function to its main malware, Crimson RAT.

Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.

Fearful of messing up its implementation, many enterprises are still holding out on MFA. Here's what they need to know.

Researchers discover a lack of explicit memory protections around the shared memory used by the Db2 trace facility.

The high profile attack should spur serious board-level conversations around the importance of insider threat prevention.

Stanford has replaced logins and passwords with a digital key to improve endpoint security.