A Shmoocon presentation points out several weaknesses built in to Kubernetes configurations and how a researcher can exploit them.

The company believes state-sponsored actors may also be involved.

Here's what small and midsize businesses should consider when they decide it's time to up their website security.

The medical device giant has issued fixes for bugs first disclosed in 2018 and 2019.

As part of its February bug fixes, Google is patching a critical severity remote code execution vulnerability and an information disclosure bug.

For cities, states and towns, paying up is short-sighted and only makes the problem worse.

In the healthcare sector, concerns about the spreading coronavirus outbreak have reignited the discussion around HIPAA, protected health information, and when it's legal for healthcare providers to disclose patient records.

Almost half of security professionals don't know where or how to use Zero Trust policies in a hybrid IT environment, says a survey commissioned by security provider Pulse Secure.

Mozilla offers users a service that will send alerts for account breaches associated with email addresses. Find out how to use Firefox Monitor.

Mozilla offers users a service that will send alerts for account breaches associated with email addresses. Find out how to use Firefox Monitor.

HR experts and tech leaders say organizations that skip training during a tech transition almost always pay a high price.

Customers took to Twitter to air their grievances after some of the transportation giant's operations were downed.

Various APT groups are successfully using Web shell attacks on a more frequent basis.

Red Kite said that domain-spoofing and convincing scam emails claiming to be from suppliers were the cause.

Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets.

Six of them were the same as from the previous year, according to new Recorded Future analysis.

Almost three-quarters of enterprises plan to have a zero-trust access model by the end of the year, but nearly half of cybersecurity professionals lack the knowledge to implement the right technologies, experts say.

Most of the targets in 2019 were in the gaming and gambling industries, says security company Imperva.

Infrastructure as code offers advantages in automating your data center management but also carries certain risks, says Unit 42, the global threat intelligence team at Palo Alto Networks.

Research have been tracking an uptick in Gamaredon cyberattacks on Ukrainian military and security institutions that started in December.