Earlier today, WikiLeaks published a collection of hacking tools which the organization claims belong to the United States Central Intelligence Agency (CIA).
The Shamoon disk-wiping malware has received a major upgrade during the past few months, and now features a ransomware module, along with support for both 32-bit and 64-bit architectures, researchers from Kaspersky Lab revealed on Monday.
Multiple Western Digital MyCloud Networked Attached Storage (NAS) devices are affected by several security flaws, varying in severity, that allow attackers to bypass authentication, execute code on the device, and upload or download user data.
A report published in the Conservation Biology magazine cites several incidents gathered from all over the world in the past years, where technologies introduced to simplify the work of animal protection groups and state authorities have been hijacked or turned against the animals they were meant to protect.
The US is discussing new legislation that will allow victims of ongoing cyber-attacks to fight back against hackers by granting more powers to entities under attack in regards to the defensive measures they can take.
A theoretical scenario that leverages the SHA1 collision attack disclosed recently by Google can serve backdoored BitTorrent files that execute code on the victim's machine, deliver malware, or alert copyright owners when their software has been pirated.
A vulnerability discovered by Google Project Zero security researchers and left without a patch by Microsoft received a temporary fix from third-party security vendor ACROS Security.
A new service launched on the Dark Web this week simplifies the process of tricking victims whose card details have been exposed into revealing their card's PIN.
Typical week in ransomware with a lot of small little variants released and resurgence of activity from Crypt0L0cker. The biggest news this week is that someone posted the master decryption keys for the Dharma Ransomware in the BleepingComputer.com forums, which were used to create working decryptors.
Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a domain's DNS TXT records.
A team of German security professionals has discovered 26 security flaws in nine of the world's most popular Android password managers.
HackerOne, a platform that is offering hosting for bug bounty programs, announced today that open-source projects can now sign up for a free bug bounty program if they meet a few simple conditions.
Security researchers have discovered a hidden backdoor in the firmware of DblTek GoIP GSM gateways that allows Telnet access to affected devices.
Ransom notes from Cerber ransomware infections have been found inside the source code of two Android applications available on the official Google Play Store.
Kaspersky has tested a set of Dharma master decryption keys posted to BleepingComputer and has confirmed they are legitimate. These keys have been included in their RakhniDecryptor, which I have tested against a Dharma infection. The decryptor worked flawlessly!
A year ago, several Google engineers got together and lay the foundation of Operation Rosehub, a project during which Google employees used some of their official work time to patch thousands of open source projects against a severe and widespread Java vulnerability.
Yahoo CEO Marissa Mayer announced she'll forgo her annual bonus ($2 million) and equity grant ($14 million), which she'll be redistributing to Yahoo employees instead.