Dropper malware become more popular as hackers turn to more quiet attack techniques to avoid detection.

Reward for vulnerability research climbed 83% in the past year.

An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.

Security experts say the attack stemmed from weak cybersecurity controls.

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.

Can a stream of data intended for network performance monitoring be the basis of network security? One company says the answer is 'yes.'

Meanwhile, criminals waged more encrypted, ransomware, and IoT attacks.

A hole in the supposed closed-loop messaging system allowed children to join group chats with people their parents hadn’t approved.

Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.

Virtual private networking is poised to become more automated and intelligent, especially as endpoints associated with cloud services and the IoT need protection.

Do you travel to dangerous places, like Information Security Conferences?

The 787 Dreamliner, WhatsApp, and Windows 10 are all subjects of cutting-edge Reverse Engineering talks at this year's August event.

In the second of a two part series discussing recent ransomware attacks against municipalities, Shawn Taylor with Forescout talks about how cities can protect themselves.

Malware that used to be advanced is now available to everyone. These three actions could help you stay safer.

An inside look at staffing levels, budget allocation, outsourcing habits, and the metrics used by security operations centers (SOCs).