All organizations with Windows infrastructures should make sure their systems are patched to current versions, Rapid7 suggests.

Cyberespionage attackers have ditched their PowerShell backdoor in favor of the Windows BITS ‘notification’ feature.

Porn-recording feature will likely be used for extortion.

Experiencing a data breach purely from being internet-connected is quite rare. Hackers rely on users to open or install a malicious payload, according to Proofpoint.

These steps walk you through the process of setting up an SFTP server on Linux for the secure transfer of files for specialized file transfer-only users.

Passwords remain the most common way to authenticate your online identity, but companies like Microsoft and Google are using alternate login methods. Tom Merritt offers five alternatives to passwords.

Research highlights how most criminals exploit human curiosity and trust to click, download, install, open, and send money or information.

A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention.

Ever notice a missing company name next to the URL address bar? Ever change behavior because of it? Likely not, so bye-bye, useless badge.

It’s a first: The government has never demanded personal data of a single app’s users from Apple & Google.

Mozilla is about to turn on-by-default an oft-overlooked privacy feature in Firefox.

Most cloud data breaches leave only trace signs of malfeasance, so it can be tricky.

Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

Flaws can potentially affect every device and user on the network by directing them to malicious websites or blocking their access to important data or resources.

A large U.S. manufacturing company is the latest organization to be targeted with the LokiBot trojan - although this most recent campaign harbored some bizarre red flags.