Security News

Adobe patched 81 vulnerabilities, including a handful of critical bugs, in Acrobat, Reader, and Flash on Tuesday.

The IoT botnet behind the some of the largest publicly recorded DDoS attacks is flooding its targets with HTTP traffic in Layer 7 attacks.

Kaspersky Lab researchers have uncovered the StrongPity APT, a group that uses watering hole attacks to infect machines of users seeking encryption technologies such as WinRAR and TrueCrypt.

Researchers sort out what went wrong when an estimated 500,000 DVRs and IP-based cameras were used in a series of massive DDoS attacks in September.

Mike Mimoso and Chris Brook discuss this week's Virus Bulletin conference in Denver and CNBC's Cambridge Cyber Summit at MIT, the NSA contractor arrest, APT false flags, and more.

Investigating state-sponsored espionage and counterterrorism is one thing. Writing public reports about these activities is another.

Networking giant Cisco issued five security bulletins this week with two critical bugs allowing remote execute code.

Mac security researcher Patrick Wardle released a tool called OverSight that monitors when malware may be recording a webcam or audio session on a macOS machine.

Researchers estimate thousands of ecommerce sites are under attack by a single threat actor that has infected servers with a web-based keylogger.

Cindy Cohn, the EFF's Executive Director, called the NSA's support of strong encryption disingenuous during a cybersecurity conference panel Wednesday.