'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says.

Incident response demands technical expertise, but you can't fully recover without non-IT experts.

The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks.

After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy.

The attack uses a legitimate remote access system as well as several families of malware.

Four best practices to keep old code from compromising your enterprise environment.

From criminals to competitors, online bots continue to scrape information from sites and pose as legitimate users.

A new study investigates nearly 30,000 guides to explore what fraudsters sell and teach aspiring cybercriminals.

I'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it's crystal clear that they wouldn't know what to do with a breach if it bit them in the nose, let alone festered unmolested in some dark corner of their operations.

An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.