Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

A spearphishing campaign first uncovered in July is hitting more utilities firms and spreading the LookBack malware, which has capabilities to view system data and reboot machines.

Where most organizations fall short in risk management tools, technologies, and talent, and how they can improve.

Microsoft has issued a patch for an Internet Explorer remote code execution flaw that is being actively exploited in the wild.

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

Andrei Tyurin, a Russian national, pleaded guilty to hacking charges related to a massive cyberattack campaign targeting US financial institutions and other companies.

Instead of throwing money at every security tool and service, take the time to truly get to know your business and what you security budget should be.

Your Instagram account has value to the crooks – so they’re coming up with some cunning tricks to get at your passsword.

Admins have a spot of patching work on their hands after the company released updates addressing two critical flaws.

Apple has turned off the ability for adblocking companies to use their own blocking mechanisms in Safari.

400 developers have been naughty with user data, noncompliant with policy, and/or have ignored Facebook’s audit, it says.

Need to hide your location and encrypt your Firefox browser data? Look no further than the new Firefox Private Network add-on.

'AdBlock' and 'uBlock' impersonate legitimate extensions but instead engage in cookie stuffing to defraud affiliate marketing programs, a researcher has found.

An inside look into the engineering mindset of DevOps from the vantage of a career security professional.

A cautionary tale from a pen test gone wrong in an Iowa county courthouse.

Vulnerabilities originally discovered by US government security services have been used by cybercriminals against municipalities, costing taxpayers an estimated $11.5 billion in 2019.

Add a password manager to Nextcloud so your users can start using strong passwords more easily.

100K or so creators in the YouTube car community were targeted by a phishing campaign that captured 2FA codes.

Researchers warn that the Russia-linked APT has freshened up their tools with an improved downloader and more.

Nearly half of office workers said they had their data compromised. Here's why they keep falling for phishing scams.

Seen this month attacking victims in India, the Dtrack malware is bent on financial gain and high-end spying.