The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
A very advanced and targeted cyber-espionage campaign has been active for five years, and employs stealthy malware that can penetrate air-gapped networks and exfiltrate data using multiple techniques, security researchers warn.
As the Pokémon Go craze continues to take off, it's clear that when it comes to chasing virtual creatures through real-world locations, too many people fail to keep some common sense guidelines in mind.
In the wake of the Hillary Clinton email controversy, organizations need to be more aware of the risks of unsanctioned "shadow IT" and take appropriate mitigation steps, says security expert Mac McMillan.
More than 200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability known as Heartbleed, more than two years after the flaw was publicly announced and related patches released, warns security researcher Billy Rios.
While malware may be used for an initial attack, hackers quickly begin using tools to move around networks that often don't raise suspicion. Here's what to look out for to detect a "low and slow" attack.
A massive scan of open internet ports confirms long-held assumptions that old, insecure internet protocols never die, and in fact may still thrive, especially in Belgium, says Rapid 7 security research manager Tod Beardsley.
First the hackers came for our credit cards. Now they're taking control of our TVs. Witness the latest version of FLocker - for "frantic locker" - which is designed to lock Android devices, including smart TVs.
For its next move since jettisoning storage firm Veritas and becoming a pure-play security vendor, Symantec plans to buy network and cloud security firm Blue Coat from private-equity owners Bain Capital for $4.65 billion, gaining a new CEO in the process.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
Vietnam's TPBank says it successfully foiled more than $1 million in fraudulent transfer requests apparently initiated by the same hackers who targeted Bangladesh Bank and other SWIFT-using institutions with PDF reader malware.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.