News aggregator

A million sites attacked by 20,000 different computers.

Apparently, some people consider their passwords "invincible", even after a data breach. Don't be those people.

Attackers hacked and encrypted the computers of a contractor whose clients include the US military, government agencies and major military contractors.

Google has deleted an app from the Play Store that offered to delete Android software associated with China.

A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported custom

How time flies - the latest four-weekly Firefox update is out.

If you're using Zoom—especially during this challenging time to cope with your schooling, business, or social engagement—make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers. No, it's not about the arrival of the most-awaited "real" end-to-end encryption feature, which apparently, according to the latest news,

VMWare’s VMware Cloud Director has a security flaw that researchers believe could be exploited to compromise multiple customer accounts using the same cloud infrastructure.

The US rail service hasn't disclosed the number of passengers affected in a 16 April breach.

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in Sybase Adaptive Server Enterprise (ASE), a relational database management software geared towards

Building a security team is a necessity for organizations of all industries and sizes. It makes selecting the right person for the job a critical task in which testing candidates' domain knowledge is a core component of the hiring process. A common practice is for each organization to put together a dedicated set of questions for each role. Today, Cynet launches the Cybersecurity Skill Tests

We're absolutely delighted - delighted and proud! - to report that we won not one but two awards at last night's European Security Blogger Awards 2020.

If you're getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.

Some 7,600 dark-web sites were obliterated in an attack on the most popular provider of .onion free hosting services, Daniel's Hosting.

The UK's National Crime Agency has hit on a simple way to stop teens from being sucked into cybercrime – using Google Ads.

Cybersecurity researchers today disclosed details for a new vulnerability in VMware's Cloud Director platform that could potentially allow an attacker to gain access to sensitive information and control private clouds within an entire infrastructure. Tracked as CVE-2020-3956, the code injection flaw stems from an improper input handling that could be abused by an authenticated attacker to

A bug bounty hunter found a way to login using "Sign in with Apple"... but without the part where you have to put in a password.

Much like technology itself, the tools, techniques, and optimum processes for developing code evolve quickly. We humans have an insatiable need for more software, more features, more functionality… and we want it faster than ever before, more qualitative, and on top of that: Secure. With an estimated 68% of organizations experiencing zero-day attacks from undisclosed/unknown vulnerabilities

Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org. The breach exposed affected users' personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords. The

GitHub has uncovered a form of malware that spreads via infected repositories on its system.