A botnet of over 400,000 IoT devices held a 13-day distributed denial-of-service (DDoS) siege against the streaming app of a company in the entertainment business.
A recent security alert caused a panic where people thought the VLC Media Player was affected by a critical vulnerability that had no patch. The problem is that the vulnerability was not in VLC, but rather a module that was replaced over 16 months ago.
The Robinhood stock trading site is alerting users that passwords were stored in their system in human readable format, otherwise known as clear text. While no foul play was detected, this could have allowed employees or unauthorized users to view an account's password.
Malwarebytes has released AdwCleaner 7.4 and with it comes a new feature that will detect and remove preinstalled software that is typically added to generate revenue for the hardware developer and thus reduce the device's cost.
A new Watchbog malware variant can scan for Windows computers vulnerable to BlueKeep exploits, with previous variants only being utilized to infect Linux servers compromised using Jira, Exim, Nexus Repository Manager 3, ThinkPHP, and Solr Linux exploits.
BSI, the German national cybersecurity authority, has issued a warning regarding a malspam campaign that distributes the Sodinokibi ransomware via emails designed to look like official BSI messages.
An agreement with the FTC requires Facebook to pay a $5 billion penalty, to implement a new privacy and information protection framework, and to provide the FTC with new monitoring tools after an investigation launched following the Cambridge Analytica events.
According to numerous reports, Microsoft has accidentally released internal Windows 10 Build 18947 to all channels of the Windows Insider program, including Skip Ahead, Fast Ring and Slow Ring.
Through the analysis of over 3.9 million posts on underground hacker and malware forums, a new report illustrates the most common malware and threats being discussed.
The IRS has issued a news release to remind professional tax preparers that they are required by law to have a data security plan to protect taxpayers' sensitive information from potential security threats.
BEC scammers are now targeting a company's customers using a new indirect attack method designed to collect information on future scam targets by asking for aging reports from collections personnel.
Microsoft is currently in the process of developing significantly better manual threat hunting features for the Office 365 Threat Explorer, to be rolled out to all environments during August.
This deal is for a 21 hour course on how to program in C#. This course will introduce you to the .NET framework, object oriented programming, and how to create your applications.
An ongoing malvertising campaign is targeting an unauthenticated stored cross-site scripting (XSS) vulnerability in the Coming Soon Page & Maintenance Mode WordPress plugin according to Wordfence's Defiant Threat Intelligence team.
Microsoft has released a new cumulative update for Windows 10 version 1809 that fixes numerous bugs including one that would crash Internet Explorer when dragging tabs and one that prevented newly installed applications from showing up in Windows search results.
A decryptor for the LooCipher Ransomware has been released by Emsisoft that allows victims to decrypt their files for free. If you were infected with LooCipher, do not pay the ransom and instead follow the instructions below.
Microsoft says that several changes designed to make Office 365 client licensing technology more reliable for subscription-based Office clients like Office 365 ProPlus will be rolled out during August.
Over the weekend, privacy concern were raised regarding how Microsoft Edge is uploading the URLs to SmartScreen. After further testing by BleepingComputer, we learned that Windows 10 also transmits a great deal of potentially sensitive information about your applications to SmartScreen when you attempt to run them.
Under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks after successful exploitation of an arbitrary file copy vulnerability in the mod_copy module.
Hackers are exploiting vulnerable Jira and Exim servers with the end goal of infecting them with a new Watchbog Linux Trojan variant and using the resulting botnet as part of a Monero cryptomining operation.