Officials say Davis Lu placed malicious code on servers in a denial-of-service attack on his employer. Read More

The latest version of Google Chrome also introduces HTTPS as the browser's default protocol. Read More

Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service carry out the attacks. Read More

As demand for travel, lodging, and concerts plummeted in 2020, bot traffic moved to more popular activities, such as e-commerce, healthcare, and government sites. Read More

Many organizations adjust their risk appetite in an economic downturn, as risk is expanded to include supplier and customer insolvency, not to mention cash-flow changes. Read More

Security 101: In the wake of an incident, it's important to cover all your bases -- and treat your IR plan as a constantly evolving work in progress. Read More

IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out. Read More

There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows. Read More

The combined entity will expand on both companies' privileged access management tools and expects to debut a new brand this year. Read More

The agency urges researchers to take precautions amid an ongoing targeted threat campaign. Read More

A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server. Read More

Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job. Read More

Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address. Read More

The number of components in the average application rose 77% over two years. No wonder, then, that 84% of codebases have at least one vulnerability. Read More

Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products. Read More

Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day. Read More

Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server. Read More

The length of time attackers remain undiscovered in a target network has fallen to 24 days, researchers report, but ransomware plays a role. Read More