A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack.
Stories by Lucian Constantin
New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.
Software that writes more data to a memory buffer than it can hold creates vulnerabilities that attackers can exploit. Good software development practices can stop buffer overflows from happening.
Researchers have recently detected an advanced persistent threat campaign that targets critical infrastructure equipment manufacturers.
By manipulating the voltage of Intel CPUs that use SGX, researchers can extract sensitive data, including full RSA encryption keys.
Attackers can use the vulnerability to gain complete control of the phone. It underscores the risks of using old open-source code in IoT devices.
Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system.
A report from Zscaler reveals some troubling facts about the risks posed by network-connected IoT devices.
Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.
A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack.
New Verizon report shows a big gap between organisations' mobile security risk concerns and mobile security best practices they implement.
The decade-old Qbot financial malware has resurfaced with an improved version in a new attack that has infected thousands of systems so far.
Microsoft has removed eight applications from its app store for Windows that were mining Monero crypto-currency without users' knowledge.
The low number of fines relative to the volume of reported breaches might be due to over-extended regulators, according to DLA Piper findings.
A group of hackers that previously leaked alleged NSA exploits claims to have even more attack tools, as well as intelligence gathered by the agency on foreign banks and ballistic missile programs.
Nominations Close on June 12
VIRTUAL EVENT - Thursday, June 18 - Registrations Open