US, UK warn Russians hackers are compromising networking devices worldwide
Russian state-sponsored hackers are targeting network infrastructure devices worldwide, the US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), …
Most US consumers don’t trust companies to keep their data private
While a majority of the US public sees companies’ ability to keep data private as absolutely key, it has little trust in companies to do so. In fact, only 20 percent of them …
Passwordless enterprise authentication on Windows 10 and Azure AD
Yubico announced that the new Security Key by Yubico supporting FIDO2 will be supported in Windows 10 devices and Microsoft Azure Active Directory (Azure AD). The feature is …
Devs know application security is important, but have no time for it
Sonatype polled 2,076 IT professionals to discover practitioner perspectives on evolving DevSecOps practices, shifting investments, and changing perceptions, and the results …
Enterprise-grade security for midmarket organizations
To simplify how customers protect their organizations, FireEye is launching three core subscription solutions plus one comprehensive suite at RSA Conference 2018. FireEye …
Qualys brings web application security to DevOps
Qualys announced new functionality in its web application security offerings that helps teams automate and operationalize global DevSecOps throughout the Software Development …
Rambus launches fully programmable secure processing core
At RSA Conference 2018, Rambus announced the availability of the CryptoManager Root of Trust (CMRT), a fully programmable hardware security core built with a custom RISC-V …
Third-party and insider threats one of the biggest concerns to IT pros
External threats are not the main concern for IT professionals, but rather breaches that are linked to vulnerabilities caused by staff or third-party vendors operating within …
Free Qualys services give orgs visibility of their digital certs and cloud assets
Qualys announced two new free groundbreaking services: CertView and CloudView. Harnessing the power and scalability of the Qualys Cloud Platform, Qualys CertView and CloudView …
Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear …
Your Android phone says it’s fully patched, but is it really?
How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of …
Security researchers sinkholed EITest infection chain
Security researchers have managed to neutralize “EITest,” one of the oldest infection chains and thus preventing as many as two million potential malicious …
Featured news
Resources
Don't miss
- It’s time to secure the extended digital supply chain
- SysReptor: Open-source penetration testing reporting platform
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
- 8Base ransomware group leaders arrested, leak site seized
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)