Early variants of a self-replicating ransomware implemented entirely in VBA macros were discovered last week.
Symantec patched a certificate spoofing vulnerability in its Install Norton Security product that occurs when downloading Norton for Mac
As misconfigured Amazon servers continue to leak sensitive data, Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.
Colorado is implementing a Risk-Limiting Audit Process to verify election results in hopes of building more confidence in the outcome of its elections.
Amazon is taking action to combat the recent wave of its Amazon S3 server being left misconfigured subsequently exposing potentially sensitive data
Hackers have been breaking into corporate servers via RDP brute-force attacks and manually infecting them with a new variant of ransomware called LockCrypt.
The Active Cyber Defense Certainty Act (H.R. 4036) is gathering additional bipartisan support with seven House members signing on as co-sponsors.
A Twitter user is warning girls that Apple's machine learning is capable of categorizing images of women in their intimate apparel that are saved to a device.
McAfee announced it will no longer permit foreign governments to scrutinize its product source code for hidden backdoors.
Malwarebytes researchers are warning users not to buy into the hype, or the actual products, offered with Amazon's Key service.
After the KRACK epidemic and the ROCA scare the latest DUHK cryptography attack may more of a threat than its quacked up to be for old Fortinet FortiGare devices.
Engility Holdings and the Center for Cyber Safety and Education are offering a scholarship program to help returning veterans gain cybersecurity certifications to reenter the workforce.
An Android banking trojan dubbed LokiBot turns into a ransomware when users try to remove its admin privileges in a last ditch effort to extort the user.
Encryption has kept the FBI from accessing 7,000 mobile devices, says FBI Director Christopher Wray.
Cybercriminals took advantage of popular cryptocurrency exchange Poloniex's lack of an official app to dupe unsuspecting users into downloading credential stealing malware.
A recent Symantec report found 25 percent of financial service employee mobile devices have unpatched vulnerabilities.
The Norwegian Consumer Council and Mnemonic researchers are warning consumers about the dangers of poorly secured smartwatches marketed to children.
University of Washington researchers were able to surveil individual users using less than $1,000 worth of targeted advertising.
The cyberespionage group Leviathan is targeting high-value targets in the maritime industries, naval defense contractors, and associated research institutions.
The Estonia government issued an update on a vulnerability potentially affecting digital use of ID cards issued since October 2014.
Banks face a new hybrid threat from hackers that has already netted criminals a cool £30 million, according to a new report.
Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa) where John Noble, director of network management at the UK's NCSC called for industry cooperation and incident reporting.
An infostealer malware in search of credentials, private keys, SSH keys, Bitcoin wallets and more, that is being distributed via a compromised website.
The FBI issued a flash alert warning people to patch the Apache Struts vulnerabilities warning that it enabled an unnamed corporate breach.
A proposed security change to the underlying infrastructure of the internet has been significantly delayed due to fears that it could knock an estimated one-in-four global Internet users, or 750 million people, offline at a stroke.
NCSC annual review: 1,131 attacks reported - thus two significant attacks per day, with 590 classed as significant and more than 30 requiring a cross-government response - industry reaction varies.