Partnerships with Intel, Qualcomm, and AMD will bring a new layer of device security that alters the boot process to detect firmware compromise.
Experts discuss why security teams are increasingly overwhelmed with alerts and share tactics for lightening the load.
Experts examine the drivers pushing today's endpoint security market to consolidate as its many players compete to meet organizations' changing demands and transition to the cloud.
Attackers make use of an old trick and evade detection by blocking users from viewing an embedded link when hovering over the URL.
Researchers following the ransomware variant uncover new data on how much its affiliates earn and where they spend it.
Sophos' board of directors plans to unanimously recommend the offer to the company's shareholders.
The ransomware operators targeted an "unquoted path" vulnerability in iTunes for Windows to evade detection and install BitPaymer.
Attackers compromised Volusion's Google Cloud environment to load malicious skimmer code onto more than 6,500 customer sites.
None of the total 59 patches were for previously known vulnerabilities nor are any under active attack, Microsoft reports.
New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry.
From lengthy email signatures to employees' social media posts, we look at the many ways organizations make it easier for attackers to break in.
Their findings demonstrate how Group 4 is likely conducting server-side skimming in addition to client-side activity.
The West African cybergang has successfully infiltrated more than 500 companies using a tactic dubbed 'vendor email compromise.'
The "Prying-Eye" vulnerability could let intruders scan for unprotected meeting IDs and snoop on conference calls.
A flaw in the OnApp cloud management platform could let an attacker compromise a private cloud with access to a single server.
A new report explores changes in cloud-native applications and complexities involved with securing them.
Why governance, risk, and compliance solutions lull companies into a false sense of security, and how to form a more effective approach.
As risk management programs differ from business to business, these factors remain constant.
Where most organizations fall short in risk management tools, technologies, and talent, and how they can improve.
The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.
The latest model, with insights from 122 firms, shows DevOps adoption is far enough along to influence how companies approach software security.
A new report explores how attackers identify psychological vulnerabilities to effectively manipulate targets.
The list includes the most frequent and critical weaknesses that can lead to serious software vulnerabilities.
The company broadens its portfolio with new services developed to centralize and automate cloud security.
An unsecured database containing 18GB of data exposed more than 20 million records, most of which held details about Ecuadorian citizens.
A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information.
The vulnerability, now patched, is the latest in a series of bad news for Facebook.
Cisco, Oracle, and LinkedIn security leaders share their challenges in communicating with business teams and advice for how CISOs can navigate the relationship.
Conspirators stole more than 250,000 identities and filed more than 10,000 fraudulent tax returns, the Department of Justice reports.