Threatpost

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

When asked if the company plans to pay the ransom, its CFO said its main strategy is to use the backup data stored in the system.

The FBI's crackdown on 15 DDoS-for-hire sites appears to have had an impact on DDoS attacks, the average size for which dropped 85 percent in the fourth quarter of 2018, a new report found.

Gnosticplayers has released about 26 million records from what he said are breaches of six new companies.

The newest Mirai variant is targeting WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs used by enterprises.

Developers will have a new option to for Android apps to track location only when in use.

With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.

Lenovo has issued patches for several serious vulnerabilities in its products stemming from Intel technology fixes.

An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.

Attackers are increasingly targeting insecure legacy protocols, like IMAP, to avoid running into multi-factor authentication in password-spraying campaigns.

A full 39 percent of Counter-Strike 1.6 game servers on Steam were found to be malicious.

Vulnerability allows adversaries to access monitoring system used for gathering info on operating systems and hardware.

A new malware targeting point of sale systems, GlitchPOS, has been spotted on a crimeware forum.

Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.

A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.

Intel has patched several high-severity vulnerabilities in its graphics drivers for Windows 10, which could lead to code execution.

The mobile app, dubbed a "Yelp for Conservatives," was found with an open API leaking reams of user data.

Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think.

Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.

Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.