More than half of incident response employees have encountered counter-IR instances in the form of log destruction and evasion tactics, according to Carbon Black.

Several Toyota companies have announced that they might have suffered data breach attempts, with one affecting 3.1 million customers.

White hat hacker reverse engineers financial apps and finds a treasure trove of security issues.

VMware has released patches for several critical security vulnerabilities, days after two were unveiled at Pwn2Own.

There’s growing interest in social networks that prioritize user control. Two of the popular ones are Mastodon and Diaspora.

New technology will be integrated into Rapid7's cloud-based security analytics platform.

An investigation of mobile apps from 30 financial institutions reveals weak encryption, data leakage, insecure data storage, and other vulnerabilities.

More millennial women are entering the field, but wage gap issues remain, according to an (ISC)² report.

The malware, dubbed Exodus, records and steals all manner of data and leaves phones vulnerable to further hacking and data tampering.

As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.

Maryland man conspired in a business email compromise scheme that stole from at least 13 separate victims over the course of a year.

Multi-factor authentication is a common strategy, while Zero Trust is gaining traction, according to an Okta report.

Third-party cyber threats are impacting major business decisions, according to a BitSight and CeFPro report. Here are some of the biggest challenges.

Google's April Android Security update fixed 12 Android-specific vulnerabilities including three critical remote code execution flaws.

The kit's authors demonstrate a knowledge of Verizon's infrastructure.

The security services company releases a distribution of 140 programs for penetration testers who need to launch attacks and tools from an instance of Windows.

Security has tended to be a bolt-on to enterprise software, but Sqreen hopes to make it part of the normal way developers work.

When selecting targets, attackers often consider total cost of 'pwnership' -- the expected cost of an operation versus the likelihood of success. Defenders need to follow a similar strategy.

The latest breach appears to have impacted at least two million credit card numbers across six restaurants, for 10 months.

People who understand information governance, privacy, and security should be active participants on the distributed ledger technology implementation team to ensure success.