Hackers are alleged to be working from a top Chinese university to gather information about American companies and government departments following a trade visit by a US delegation to China.
FireEye researchers are cautioning Malaysian organisations to be on the lookout for elevated cyber-espionage attacks that could result from China's Belt & Road Initiative.
Of 10,644 vulnerabilities reported in the first half of 2018, 3,279 of them (30.8 percent) did not make it into the official CVE or NVD systems, yet 44 percent were of high or critical risk.
Organisations globally, whether small, medium or large, will lose over 146 billion records between 2018 and 2023 as a result of static cyber-security spending and slow adoption of AI and predictive analytics,
The US-Cert announced updates and patches for VMware, Samba, Internet Key Exchange, and Linux kernel, respectively, to address a host of vulnerabilities.
Unpatched vulnerability in macOS devices can allow malware to bypass certain security checks using a technique that fakes user mouse clicks.
Google wants US Supreme Court to rule on Street View privacy case
Security researchers have identified new flaws in the Windows 10 voice assistant Cortana that could allow hackers to access locked systems.
A new speculative execution vulnerability in modern x86 microprocessors from Intel allows a malicious attacker to gain access to data stored in the L1 data cache of such microprocessors.
Hundreds of Instagram users have reported that their accounts were hacked this month with some indicators that Russian attackers may be behind the attacks.
Microsoft Corporation today released a series of Patch Tuesday updates, issuing fixes for 60 flaws, two of which have reportedly been actively exploited as zero-days.
Check Point researchers discovered a new attack surface for Android applications that leverages external storage, dubbed Man-in-the-Disk attacks.
Adobe Systems today issued patched updates for Acrobat and Reader, Flash Player, Experience Manager, and the Cloud Desktop Application, collectively fixing 11 vulnerabilities, two of them critical.
Trustwave has developed and released a free tool companies can use to help them create realistic phishing emails for use with in-house training programs.
A DNS hijacking campaign has been discovered targeting Banco de Brasil and Itau Unibanco customer credentials through the end-user IoT devices.
In spite of bullish promotion, the so-called 'unhackable' Bitfi cryptocurrency wallet has seen a new, more serious hack.
The firing of former White House aide Omarosa Manigault Newman last December made for a dramatic tale worthy of reality TV, but the subsequent revelation this weekend.
Hacking some voting equipment is evidently child's play, at least that was the result of a programme run during Def Con's Voting Village when 35 kids were able to access replicas of six secretary of state websites.
Harsh words were expressed last week by the organisers of the Def Con Voting Village to one of the primary election voting machine manufacturers and the National Association of Secretaries of State.
An open Amazon AWS S3 bucket that exposed GoDaddy's cloud configuration information was originated with an AWS salesperson, according to Amazon, and secured after the UpGuard Cyber Risk Team notified the domain name registrar.
Novel approaches to predictive cyber-security to counter cyber-threats in defence and security are being sought by the Defence and Security Accelerator (DASA).
According to security researchers at Check Point Software, there are a number of flaws the fax functionalities of all-in-one printers that let attacks take control of such devices.
Through its US-CERT division, the US Department of Homeland Security yesterday issued a new analysis report on a remote access trojan called KEYMARBLE.
SamSam creators to date have raked in US$ 6 million (£4.7 million) and the ransomware continues to be a thorn in the sides of organisations in both the public and private sectors.
Kryptowire researchers funded by the Department of Homeland Security reportedly have spotted vulnerabilities built into phones at all major US carriers.
The old phrase that it's hard to teach an old dog new tricks may not be as accurate as one might have thought, as the notorious car hackers Charlie Miller and Chris Valasek gave a talk this week.
Security researchers have recently discovered that the Osiris banking trojan malware has now started using process doppelganging techniques to evade detection from monitoring applications.
A sophisticated ransomware attack recently allowed hackers to take control over several servers owned by the Professional Golfers' Association (PGA) in the United States, encrypting important data.
A great deal of time and effort is dedicated to trying to boost the number of women in cyber-security, but not enough is placed on retaining and promoting the women already in the field.
VMware this week updated its Horizon 6, Horizon 7 and Horizon Client for Windows solutions to fix an important out-of-bounds read vulnerability in the Message Framework library.
Security researcher Ryan Stevenson spotted a vulnerability in Comcast Xfinity's in-home authentication system, which exposed the partial home addresses and partial Social Security numbers of 26.5 million customers.
Some of the biggest players who worked behind the scenes during the run-up to the 3 January disclosure of Meltdown and Spectre came together to discuss what their companies did after the vulnerabilities first became known.
At a time when concern over misinformation abounds, Check Point Software Technologies researchers discovered that miscreants can use a hacked version of WhatsApp to alter information in already-sent messages.
Some 75 percent of IT decision makers questioned reckon that Artificial Intelligence is a silver bullet when it comes to dealing with the challenges of cyber-security.
New research has revealed that the opportunity to earn more money, that of doing something more challenging, and of retaliating against a former employer is driving more security professionals in the UK into engaging in Grey Hat activities
Probing an email address found in Special Counsel Robert Mueller's indictments of 13 Russians for interfering in the US presidential election led GroupSense researchers to the discovery of more than nine million stolen email accounts.
Cyber-criminals waste no time breaking into experimental honeypot designed to look like ICS environment
A research honeypot set up to look like an electric company's power transmission substation network was compromised by a dark web hacker within two days of it going online.
IBM researchers at Black Hat USA 2018 announced their development of DeepLocker, described as a highly targeted and evasive attack tool powered by AI.
The Mozilla Foundation has released the latest version of its Thunderbird email client, fixing 14 security vulnerabilities, including five critical ones, three of which can result in a potentially exploitable crash.
The personal health records of around 100 million people could be at risk from a number of flaws found in a popular open source software for managing medical records.
A Linux kernel vulnerability affecting version 4.9 and up could allow an attacker to carry out denial-of-service attacks on a system with an available open port, according to a 6 August security advisory.
The recently discovered DarkHydrus threat group is now the open-source Phishery tool to harvest credentials from an educational institution in the Middle East.
Federal Communications Commission Chairman Ajit Pai admitted in a statement on Monday that his agency never actually suffered a distributed denial of service attack.
An error involving in a Salesforce marketing cloud API could have allowed third parties to access data or for data to be corrupted.
Security researchers have uncovered a large-scale router compromise that has seen thousands of routers infected with malware based around the CoinHive browser miner.
Sensitive proprietary information about F-35 fighter jets in service with the RAF came within an inch of being compromised after a hacker succeeded in honeytrapping an RAF airman.
The Taiwan Semiconductor Manufacturing Co. (TSMC) had several factories knocked offline late last week due to a cyber-attack.
A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.
Fortnite's Android version will be ditching the Google Play Store after a dispute over Google's 30 percent revenue share, opting instead to distribute through the Epic Games, the game's creator, website.
Amnesty International announced last week that one of its staff members was at the receiving end of a malicious "surveillance campaign" which, it believed, was orchestrated by hackers.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense