Threatpost

Microsoft broke its built-in antivirus utility, thanks to a patch for a different issue.

An on premise hacker can cripple even the best cybersecurity defenses.

Researchers discovered that smart TVs from Samsung, LG and others are sending sensitive user data to partner tech firms even when devices are idle.

Marc Rogers discusses the logistics behind a recently-proposed anonymous bug submission program, meant to encourage ethical hackers to submit high-level bugs anonymously.

The fake emails direct victims to log into a bogus IRS site.

The idea that humans are the weakest link shouldn't guide the thinking on social-engineering defense.

The ever-changing malware is jumping in the middle of people's existing email conversations to spread itself without suspicion.

The U.S. is attempting to seize any assets related to Edward Snowden's new memoir, Permanent Record.

Cynet’s new RFP templates clearly lay out the requirements for securing potential APT vectors.

The attack -- the 4th-largest the company has ever encountered -- leveraged WS-Discovery, which is found "everywhere."

The malware landscape is constantly changing; including a rise in a new malware called LookBack, as well as anticipation over the return of the Emotet and Retefe malware families.

Though harboring unsophisticated payloads, the Panda threat group has updated its tactics - from targets to infrastructure - and successfully mined hundreds of thousands of dollars using cryptomining malware.

Bug impacts VMware Workstation 15 running 64-bit versions of Windows 10 as the guest VM.

The bug was first found in 2016.

A configuration setting in Google Calendars does not sufficiently warn users that it makes their calendars public to all, a researcher argues.

The company has patched a vulnerability that could allow malicious sites unauthorized access to usernames and passwords.

Julian Assange is among those impacted.

Independent researchers found 125 different CVEs across 13 different router and NAS models.

Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity.

ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market.