A new study shows why security teams must look holistically across cybersecurity, compliance, technology, and human resources to truly address the business effects of workforce risk.

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading

Norway's Norsk Hydro, the company ensnared in one of the week's biggest stories – a ransomware attack that crippled its systems – is still in the process of recovering.

Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading

The campaign, codenamed “Bad Tidings,” has sought out victims’ credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior’s e-Service portal.

Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.

Researchers said 1 million user sessions could have been exposed to the campaign, which downloads the Shlayer trojan.

Security researchers regularly search IPv4 address space looking for servers with ports exposing vulnerable software. With the massive number of IPv6 addresses, however, they have lost that ability. Can tricks and workarounds save the day?

According to a new report, average and maximum DDoS attack sizes decreased by 85.36% and 23.91%.

Opera lost its Android browser's VPN after it was sold to a Chinese consortium, but now it's back.

A researcher has discovered a high-severity bug in a popular PHP library used for creating PDFs.

A researcher has published a new and relatively simple way that Windows BitLocker encryption keys can be sniffed in less secure configurations as they travel from Trusted Platform Modules (TPMs) du…

The most serious vulnerabilities in Cisco's 8800 Series IP Phones could allow unauthenticated, remote attackers to conduct a cross-site request forgery attack or write arbitrary files to the filesystem.

One hour of downtime from a DDoS attack costs an average of $221,837 globally, according to Netscout.

Google's Instant Apps feature allows you to try apps before installing them, though a vulnerability allows attackers to abuse the feature to steal data.

In both breaches of MyPillow and Amerisleep, the customers whose payment information was potentially stolen were not informed.

If you're looking for an encryption tool that offers a unique approach and a well-designed GUI, FinalCrypt might be just the tool.

The social media giant said that it is notifying users whose passwords it stored in plain text, which made them accessible for Facebook employees to view.