SIM swaps, insecure web design, phishing, and channel-jacking are four ways attackers are circumventing MFA technology, according to the FBI.

Customers won't buy services or products from companies if they don't trust how their data will be used, Cisco found.

The majority give outside partners, contractors and suppliers administrative access — without strong security policies in place.

Further details of the flaw, which has recently been patched by Microsoft, were disclosed Tuesday by researchers.

Researchers Leigh-Anne Galloway and Tim Yunusov chat about their work testing Visa's contactless payments security system vulnerabilities.

Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading

Why businesses need guidelines for managing their employees' personal information -- without compromising on security.

Linux users running the enterprise-search platform Solr are potentially vulnerable to remote code execution attack.

In an advisory published this week, the NSA outlined the risks of Transport Layer Security Inspection (TLSI) and provided security mitigations for organizations.

In scope RCE Mozilla bug bounty payouts have also tripled to reach $15,000.

External Key Manager and Key Access Justification are intended to give organizations greater visibility into requests for data access.

Organizations that have not yet applied a pair of months-old critical patches from Oracle for E-Business Suite are at risk of attacks on their financial systems, the application security firm says.

The Coalition Against Stalkerware launched this week, with the aim of offering a centralized location for helping victims of stalkerware, as well as defining what stalkerware is in the first place.

Twitter wagged its finger at the UK’s Conservative party for renaming its press account “factcheckUK” during a live TV debate.