According to the Defense Department's Cyber Crime Center (DC3), security researchers reported more vulnerabilities to the Pentagon than ever before in 2019. The Vulnerability Disclosure Program (VDP), created to allow ethical hackers to safely and…

The U.S. Food and Drug Administration (FDA) cautions patients, healthcare providers, and manufacturers about a set of cybersecurity vulnerabilities, dubbed "SweynTooth" contained by certain medical devices with wireless communication technology known as…

Micah Lee, the head of information security for First Look Media, has announced plans to release an alpha version of a free quarantine program he developed, called Dangerzone. The program is capable of removing malicious scripts, tracking beacons, and…

Facebook has recently removed hundreds of accounts, pages, groups, and Instagram accounts that were originally from India and Egypt for violating Facebook’s policy against foreign or government interference. The Facebook accounts from India focused…

Researchers at ESET discovered a critical bug in Wi-Fi chips, which affects billions of devices, including smartphones, tablets, laptops, and routers from Amazon, Apple, Google, Samsung, and others. The vulnerability, dubbed Kr00k, derives from an all-…

The Department of Justice (DoJ) released a report, titled "Legal Considerations When Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources." The report highlights the risks that security researchers and organizations face…

Intel recently announced four new hardware-based security capabilities and gave additional information on its Computer Lifecycle Assurance supply chain transparency initiative. The new capabilities are application isolation, VM and container isolation,…

Verizon recently released a report on mobile security that discusses the results of a survey to which 876 people responsible for the purchase, management, and security of mobile devices at companies, responded. According to the report, there has been a…

Deral Heiland, the Internet of Things (IoT) research lead at Rapid7, gave a presentation at the RSA Conference in which he discussed the development of a comprehensive IoT security testing methodology. The methodology would help companies determine the…

New research has discovered that Chrome 80's move to encrypt locally saved passwords and cookies using AES-256 has had a significant adverse effect on a hugely successful data and user profile stealing malware called AZORult. Researchers used the crime…

Celeste Lyn Paul is a Senior Researcher at the National Security Agency. Her work focuses on understanding the human factors of cybersecurity. See her recent RSA Conference keynote on Hacking Stress in Cybersecurity Operations here: https://www.…

A new report released by VMware Carbon Black at the 2020 RSA Conference discusses the top attack methods and procedures observed by researchers over the last year. The report also gives organizations recommendations on how to deal with threats such as…