An overabundance of confidence can lead to blind spots, but a Nominet report finds widespread doubt in organizations' security posture.

A majority of IT staffers polled by firewall management service FireMon said they still use manual processes to manage changes.

Cybercriminals tried to take the Labour Party's digital platforms offline weeks before the election on December 12.

The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change.

Adobe’s monthly patch load is low for November, with only three critical bugs and eight important ones fixed.

The platform is a favorite target for the Magecart collective of card-skimming threat groups.

The issue is in an Intel chip used for remote management.

A member of IBM's X-Force Red team hacked two CBS reporters for three weeks. Find out what information she gathered, as well as what phishing entails.

MonsterCloud CEO says RYUK attacks can be fatal for businesses that can't afford to pay the ransom or to get help from experts.

In wake of a massive breach, a U.S. Senator is pressing the U.S. Department of Health and Human Services to explain how it oversees medical imaging security.

Hospitals are reluctant to disclose attacks, and regulations don't offer clear advice about what to tell patients.

Attackers could take advantage of simple design flaws in widely distributed drivers to gain control over Windows systems.

Organizations without MFA are wide open to attack when employees fall for phishing scams or share passwords. What's holding them back?

IIoT-generated data – calibrations, measurements and other parameters – still need to be stored, managed and shared securely.

Attackers over the past month have been using a rarely seen approach to disrupt services at large organizations in several countries.

Microsoft tackles 74 bugs as part of its November Patch Tuesday security bulletin.

Rogue employees -rather than external threat groups - pose a formidable threat to incident response teams.

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

Stability of PCI DSS helps companies cope and create more mature security programs, but some parts of the Payment Card Industry's Data Secure Standard continue to cause headaches.

A new Nominet survey shows a familiar disconnect between business and security teams on the matter of cyber preparedness.