Security News

Companies such as Siemens and Bayer are planning to release patches for medical devices hit by the ransomware WannaCry over the past several days.

Researchers claim that APT3, widely believed to be a China-based threat actor, is directly connected to the Chinese Ministry of State Security (MSS).

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

DocuSign warns of a breach and subsequent theft of email addresses that are part of a phishing campaign that employs malicious macro-laced Word documents.

Apple fixed 66 vulnerabilities - many found at March's Pwn2Own competition - across seven product lines, including Safari, iTunes, macOS, and iOS, on Monday.

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT.

Researchers at DefenseCode claim a vulnerability in Google’s Chrome browser allows hackers to steal credentials and launch SMB relay attacks.

The latest rant from the ShadowBrokers ends with news of a subscription service starting in June that will leak exploits and stolen data to paying customers.

WikiLeaks released details on what it claims are two frameworks for malware samples dubbed AfterMindnight and Assassin, both allegedly developed by the US Central Intelligence Agency.

The results of two audits of the open source software OpenVPN were shared late last week. One found two legitimate vulnerabilities, the other said the service is cryptographically "solid."