The victims, who post car reviews and other videos about the auto industry, were targeted in a seemingly coordinated campaign to steal account access.

It appears this summer's 46-million-person breach at a Southeast Asian airline carrier wasn’t caused by a misconfigured bucket but by two ex-staffers at a contracting firm.

To get the best out of your policy, do more than just sign on the dotted line.

Don't let your Android's MAC address give away your location--use a Randomized MAC address instead.

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

A spearphishing campaign first uncovered in July is hitting more utilities firms and spreading the LookBack malware, which has capabilities to view system data and reboot machines.

Where most organizations fall short in risk management tools, technologies, and talent, and how they can improve.

Microsoft has issued a patch for an Internet Explorer remote code execution flaw that is being actively exploited in the wild.

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

Andrei Tyurin, a Russian national, pleaded guilty to hacking charges related to a massive cyberattack campaign targeting US financial institutions and other companies.

Instead of throwing money at every security tool and service, take the time to truly get to know your business and what you security budget should be.

Your Instagram account has value to the crooks – so they’re coming up with some cunning tricks to get at your passsword.

Admins have a spot of patching work on their hands after the company released updates addressing two critical flaws.

Apple has turned off the ability for adblocking companies to use their own blocking mechanisms in Safari.

400 developers have been naughty with user data, noncompliant with policy, and/or have ignored Facebook’s audit, it says.

Need to hide your location and encrypt your Firefox browser data? Look no further than the new Firefox Private Network add-on.

'AdBlock' and 'uBlock' impersonate legitimate extensions but instead engage in cookie stuffing to defraud affiliate marketing programs, a researcher has found.

An inside look into the engineering mindset of DevOps from the vantage of a career security professional.

A cautionary tale from a pen test gone wrong in an Iowa county courthouse.

Vulnerabilities originally discovered by US government security services have been used by cybercriminals against municipalities, costing taxpayers an estimated $11.5 billion in 2019.

Add a password manager to Nextcloud so your users can start using strong passwords more easily.