Security News

For a second time this month, a Locky ransomware variant called IKARUSdilapidated is part of a calculated phishing attack targeting office workers with fake scanned image attachments.

Siemens fixed a session hijacking vulnerability in its LOGO! logic module Wednesday but says a second issue, one that could help facilitate a man-in-the-middle attack, has no fix currently.

Researchers accessed the Onliner spambot and found 711 million records, including email addresses, email and password combinations, and SMTP credentials and configuration files.

Google began sending out notices to site owners this month who haven't yet migrated from HTTP to HTTPS warning them that in October their sites will be marked "NOT SECURE."

Researchers have come up with a way to blind ISPs and attackers in a man-in-the-middle position to network traffic emanating from smart home devices.

Researchers warn a retooled ‘Jimmy’ Nukebot no longer steals bankcard data, rather focuses on avoiding detection as it downloads malicious modules.

The disclosure and recent analysis of thousands of leaked telnet credentials paints a bleak picture of the state of IoT security.

Drone manufacturer DJI announced Monday it was launching a bug bounty program to reward researchers who find vulnerabilities in its drones.

A legal defense fund established to ease Marcus Hutchins’ attorney costs has been disbanded after a sizable number of fraudulent donations were discovered.

Eight members of the National Infrastructure Advisory Council resigned last week, citing insufficient attention to the growing threats to the cybersecurity by the Trump Administration.