User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.

When it comes to IoT, the priority at CES is the "wow factor" - but not so much a focus on security.

A group believed to be operating out of Iran has manipulated DNS records belonging to dozens of firms in an apparent cyber espionage campaign, FireEye says.

The new attack hits operating systems, not chips, and may give criminals the keys to a company's cryptography.

Christian Rodriguez says he set up secure VoIP communications for the cartel: a system whose encryption keys he wound up giving to the FBI.

A trader believes he could easily have obtained admin access to the site and potentially have stolen the funds of its 600,000 users.

Dan Patterson interviews Xerox CISO Alissa Abdullah about protecting sensitive data from adversaries. They also discuss the recent Marriott hack, privacy, ransomware, machine learning, and IoT.

Old Twitter posts could reveal more about you than you think, according to researchers, even if you didn’t explicitly mention it.

Security concerns top the list of challenges to cloud migration, according to a Cloud Security Alliance report.

It is great to have heroes, but the real security heroes are the men and women who keep the bad guys out while fighting their own organizations at the same time.

A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means.

As the shutdown continues into its 21st day, dozens of .gov websites haven't renewed their TLS certificates.

A new CSA report addresses the issue of breach responsibility as more organizations move ERP application data the cloud.

The latest malware from TA505 has been seen targeting banks, retailers and restaurants with two different versions.

Dark Reading: Connecting The Information Security Community. Explore our slideshows.

Mondelez files lawsuit after Zurich rejects claim for damages from massive ransomware attack.