A new report shows that Android mobile device manufacturers are getting better at patching the OS, but patching levels vary across models and vendors.
Undocumented cloud configuration changes, whether done by attackers or for legitimate business reasons, present a significant security threat.
Cisco and Palo Alto Networks have fixed similar high-risk authentication bypass vulnerabilities in their network security devices.
The rush to enable employees to work from home in response to Covid-19 resulted in more than 1.5 million new RDP servers being exposed to the internet.
Attackers are exploiting two critical vulnerabilities in the popular SaltStack infrastructure automation software to take control of servers.
Attackers continue to exploit people's fears about the Covid-19 pandemic to increase the success rate of malicious campaigns.
Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.
The sophisticated botnet also has high persistence and is capable of delivering different types of malware in addition to launching DDoS attacks.
The Zoom video conferencing client for macOS does not take full advantage of the application hardening features the operating system offers.
Newly discovered Vollgar attack uses brute force to infect vulnerable Microsoft SQL servers at a high rate.
Security researchers have come across an attack where an USB dongle designed to surreptitiously behave like a keyboard was mailed to a company.
APT41 has compromised apps from Cisco, Citrix and Zoho worldwide at a time when many companies are less able to respond.
A zero trust model addresses many of the security concerns around supporting large numbers of remote workers.
The Load Value Injection attack can bypass security boundaries and mitigations put in place for other CPU vulnerabilities such as Spectre and Meltdown.
The homegrown solution takes advantage of the native capabilities that already exist on container orchestration platforms, built on open source tools.
