A new lawsuit says that GitHub bears responsibility for the Capital One breach because it actively encourages hacking and stored stolen data.

Cybercriminals are initiating more attacks using low-bandwidth techniques, but the tactics expand the gray area between DDoS attacks and popular methods of mass scanning.

A bug in an obscure legacy Windows protocol can lead to serious real-world privilege-escalation attacks.

The notebook maker is warning users of three separate vulnerabilities.

Microsoft is urging users to patch a series of critical, BlueKeep-like vulnerabilities in Windows that could be used to spread malware and affect as many as 800 million machines.

Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.

A publicly accessible database exposed the fingerprints and facial recognition information of millions, thrusting biometrics security into the spotlight once again.

Organizations should update to latest build as soon as possible, security vendor says.

Researchers see the rise of new relationships and attack techniques as criminals put companies' resilience to the test.

Criminals are using the tools intended to protect consumers to attack them through techniques that are becoming more successful with each passing month.

Facebook says it’s paused the practice of collecting voice clips and sending them to employees to transcribe and analyze.

When users of hacking forums turn on each other, expect things to get messy quickly.

There are many ways to compromise company data, but IT teams often overlook one of the most serious: the humble printer.

Email takeover and lateral phishing attacks are a growing threat to enterprises, according to a Barracuda report.

Episode 4 of the Naked Security Podcast is now live – listen now!