Attackers exploited Instagram API bug to access users’ contact info
Instagram has confirmed that “one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically …
Patients with St. Jude pacemakers called in for firmware update
Patients using one of several types of implantable radio frequency-enabled pacemakers manufactured by St. Jude Medical will have to visit their healthcare provider to receive …
Payment security: What are the biggest challenges?
With cybercrime on the increase, payment card security is increasingly a focus for companies and consumers alike. The Payment Card Industry Data Security Standard (PCI DSS) is …
Office 365 account compromise attempts on the rise
Office 365, Microsoft’s software-as-a-service productivity software suite popular with corporate users, is increasingly becoming attackers’ preferred way into …
Advantech fixes serious vulns in WebAccess HMI/SCADA software
Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software …
Cisco unveils LabVIEW code execution flaw that won’t be patched
LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. …
Drone maker DJI launches bug bounty program
Chinese consumer drone maker DJI has announced that it’s starting a bug bounty program and has invited researchers to discover and responsibly disclose issues that could …
Leveraging social media in advanced threat intelligence
In this podcast recorded at Black Hat USA 2017, Christian Lees, CISO at InfoArmor, discusses how leveraging social media helps to understand the motives and threat landscape …
Researchers figured out how to disable the Intel ME controller on Intel chipsets
Researchers have discovered that Intel Management Engine (Intel ME) 11, a dedicated (and non-optional) microcontroller integrated into all Intel chipsets, can be disabled …
Tech firms band together to take down Android DDoS botnet
An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed …
Complete and continuous cloud infrastructure protection
In this podcast recorded at Black Hat USA 2017, Hari Srinivasan, Director of Product Management at Qualys, talks about the challenges involved in securing clouds, and explains …
Chinese government’s latest crack against online anonymity
The Chinese government is dead-set on making it so that all online interactions can be tied to a specific user. The latest move towards this goal came on Friday, when the …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware