CISOs: Stop abdicating responsibility for problems with users, it's part of your job.

Using an on-again, off-again strategy of C2 communication helps it hide from researchers.

Why you shouldn’t worry about the Momo Challenge, and what we can learn from it.

The Watchlist, which contained the identities of government officials, politicians, and people of political interest, is used to identify risk when researching someone.

News on a new data privacy bill, the FTC's latest $5.7M fine, and hacking Instagram profiles - catch up on the week's infosec news with this roundup!

The Threatpost team talks about the biggest cybersecurity stories, trends and research we’ll see at RSA this year.

Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product.

What does the age of near-ubiquitous data breaches, deep fakes, and fallible biometric authentication mean for enterprise security?

New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers’ expectations in complexity, scope and breadth.

From the Momo Challenge to Mozilla’s potential insider threats from Aussie staff, and everything in between – it’s weekly roundup time.

Student researchers working with IBM X-Force Red team find security holes in five leading visitor management systems.

As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution.

A security company was able to track command and control traffic generated by hacking groups thanks to an anomaly in a pen-testing tool.

Facebook, Signal and Telegram are all planning cryptocurrencies. But why these companies, why now, and will they be successful?

It’s been a predator’s playground, where children’s photos have been public by default and trolling adults could message them.

After big brands pulled ads, YouTube banned millions of comments, closed hundreds of accounts, and sped up development of a predator filter.

A proof-of-concept hack allows adversaries to tweak old exploits, have code jump containers and attack underlying infrastructure.

The workforce and skills gap in cybersecurity continues to plague organizations.

Training and certification offerings are becoming less effective in helping organizations retain security employees, according to an ISACA report.

Despite initial apprehension, security pros immediately began to notice some benefits.

Prioritizing risk under a deluge of vulnerabilities is stretching IT security professionals too thin, while the C-suite fails to provide adequate support, according to a Deloitte report.