New tool easily backdoors vulnerable websites

At Black Hat USA 2019, researchers showed how a previously-disclosed flaw on Windows systems that could allow arbitrary code execution could also impact Hyper-V.

Academic researchers carry out attacks on high-end commercial devices as well as narrowband IoT sensors.

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists.

If you are somehow under the impression that you -- the customer -- are in control over the security, privacy and integrity of your mobile phone service, think again. And you'd be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

PortSwigger’s James Kettle dusts off the request smuggling text books to demonstrate new ways of breaking through the web ecosystem

From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?

XSS to RCE made easy

Unlike many nations, North Korea often engages in cyber operations to generate much-needed cash for the country's coffers. In that respect, its hackers have been extremely successful.

New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.

New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.