Security News

A vulnerability recently addressed in LastPass could be abused by attackers to expose the last site credentials filled by LastPass. A freemium password manager, LastPass stores encrypted passwords...

Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay...

Trustwave security researchers have discovered five new credential leaking vulnerabilities, two in a D-Link DSL modem and three in multiple Comba Telecom WiFi devices. read more

Flaws can potentially affect every device and user on the network by directing them to malicious websites or blocking their access to important data or resources.

Multiple security vulnerabilities have been discovered by SEC Consult in various Zyxel devices, including flaws that involve sending unauthenticated DNS requests and hardcoded FTP credentials. read more

In a new report, McAfee Labs said cybercriminals were focusing in on attacking weak IoT devices and extracting huge troves of data from large companies.

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject malware and mining software through...

What They Are and How to Handle ThemTo explore how credential stuffing attacks and brute force attacks differ, we need to understand what they are and how they operate. Here is a quick summary.

A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification.

The insurance giant serves at least 83 million U.S. households.