A hacker group has made over $3 million by breaking into Jenkins servers and installing malware that mines the Monero cryptocurrency.
For the second time in two months, the voter registration information of over 19 million Californians was leaked online via an unsecured MongoDB database, which was later held for ransom by hackers.
Questionable patching on the part of the WordPress CMS team has caused lots of headaches for WP site owners this week.
A trio of Secret Service agents, DHS investigators, and West Hartford (Connecticut) police officers have arrested a man who they believe is at the center of a massive fraud operation through which he stole Dell computer parts worth more than $7 million.
Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers.
A group of hackers has made over a quarter-million dollars worth of Monero by breaking into Oracle WebLogic servers and installing a cryptocurrency miner.
Experts believe that an experienced cybercrime group has created a botnet from compromised Linux servers and is using these systems to mine Monero, a digital currency.
Here's something to be cheery on Christmas Day —a vulnerability affecting a web server that's been embedded in hundreds of thousands of IoT devices.
For those who would like remote console access to their Windows 10 computers, the built-in Windows 10 OpenSSH Server may be what you are looking for. Even better, for those who are familiar with OpenSSH from using it in Linux, the Windows 10 version operates pretty much the same.
German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he collectively refers to as Mailsploit, and which allow an attacker to spoof email identities, and in some cases, run malicious code on the user's computer.
A critical remote code execution flaw affects over half of the Internet's email servers, and there's no fix for it available, just yet.
A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication of users against cloud services.
Today, Amazon announced a new offering named "AWS Secret Region," which is a cloud server region for use only by US intelligence agencies and their third-party contractors.
Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Security researchers, and what appears to be at least one hacker, have found an ElasticSearch server left exposed online that was hosting information about 1,133 National Football League (NFL) players and agents.
A malware author (or authors) has made around $63,000 during the past five months by hacking unpatched IIS 6.0 servers and mining Monero.
According to Avast, the database where the CCleaner hackers were collecting data from infected hosts ran out of space and was deleted on September 12, meaning information on previous victims is now lost to investigators and the number of computers infected with the second-stage backdoor payloads may be larger than initially believed.