Editor's Pick

Buffer Overflow to Run Root Shell - Full Tutorial

Buffer Overflow Basics Overview Buffer overflows were an earth-shattering vulnerability exploited in the late 1980’s that are protected against on modern systems. That said, they are still relevant, and pave the way to learning more advanced e...

Latest news

New Social Engineering Event to Train Business Pros on Human Hacking

The DEF CON Social Engineering Capture the Flag contest inspired a new event aimed at teaching both security and non-security professionals on the...

Dark Reading | 8 hours ago
ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates

Ransomware actors are turning their sights on larger enterprises, making both average cost and downtime inflicted from attacks skyrocket.

Threatpost | 9 hours ago
'CardPlanet' Operator Pleads Guilty in Federal Court

Russian national faced multiple charges in connection with operating the marketplace for stolen credit-card credentials, and a forum for VIP...

Dark Reading | 9 hours ago
Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.

Threatpost | 11 hours ago
7 Steps to IoT Security in 2020

There are important steps security teams should take to be ready for the evolving security threats to the IoT in 2020.

Dark Reading | 12 hours ago
New Bill Proposes NSA Surveillance Reforms

The newly-introduced bill targets the Patriot Act's Section 215, previously used by the U.S. government to collect telephone data from millions of...

Threatpost | 12 hours ago
Does Your Domain Have a Registry Lock?

If you're running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company's domain name...

Krebs on Security | 13 hours ago
5 Resume Basics for a Budding Cybersecurity Career

You'll need to add resume tactician to your skill set in order to climb up the next rung on the security job ladder. Here's how.

Dark Reading | 15 hours ago
Online Employment Scams on the Rise, Says FBI

Looking to change jobs? Watch out for fraudsters who use legitimate job services, slick websites, and an interview process to convince applicants...

Dark Reading | 16 hours ago
Fake Smart Factory Honeypot Highlights New Attack Threats

The honeypot demonstrates the various security concerns plaguing vulnerable industrial control systems.

Threatpost | 16 hours ago
The Annoying MacOS Threat That Won't Go Away

In two years, the adware-dropping Shlayer Trojan has spread to infect one in 10 MacOS systems, Kaspersky says.

Dark Reading | a day ago
DHS Warns of Increasing Emotet Risk

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization.

Dark Reading | a day ago
NSA Offers Guidance on Mitigating Cloud Flaws

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.

Dark Reading | a day ago
Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.

Threatpost | a day ago
U.S. Gov Agency Targeted With Malware-Laced Emails

The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

Threatpost | a day ago
Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia

The malware uses thousands of partner websites to spread malvertising code.

Threatpost | a day ago
Deconstructing Web Cache Deception Attacks: They're Bad; Now What?

Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution.

Dark Reading | a day ago
Severe Vulnerabilities Discovered in GE Medical Devices

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.

Dark Reading | a day ago
Cisco Warns of Critical Network Security Tool Flaw

The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.

Threatpost | a day ago
Weathering the Privacy Storm from GDPR to CCPA & PDPA

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.

Dark Reading | a day ago
Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Attackers 'weaponized' Active Directory to spread the ransomware.

Dark Reading | a day ago
Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking

New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.

Threatpost | a day ago
To Avoid Disruption, Ransomware Victims Continue to Pay Up

For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected...

Dark Reading | 2 days ago
Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment

The competition targets the systems that run critical infrastructure and more.

Threatpost | 2 days ago

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.