SecurityWeek

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.

read more

The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports.

read more

Ransomware targeting organizations is a growing threat. The extent of that threat is not always obvious. Except for the healthcare sector, disclosure of a ransomware attack is not generally required -- so victims will not necessarily report an incident. This is exacerbated by those victims who simply pay up and recover their files without the problem becoming obvious.

read more

Dutch authorities this week announced the arrest a 20-year old man for allegedly developing and distributing Office Macro Builders. 

read more

Even as incident response (IR) has evolved, it has struggled to see beyond individual events and create a more complete perspective. IR tools are still very effective, particularly as advances in orchestration and automation technology have turned many IR tools into SOAR tools, but they are limited by this narrow focus.

read more

An Israeli spyware firm thought to have hacked WhatsApp in the past has told clients it can scoop user data from the world's top social media, the Financial Times reported Friday.

read more

read more

A former National Security Agency contractor awaits sentencing in Baltimore’s federal court for storing two decades’ worth of classified documents at his Maryland home.

read more

Google on Thursday informed security researchers that they can now earn significantly higher rewards if they submit vulnerability reports through the company’s bug bounty programs.

read more

Researchers at Australia-based cybersecurity firm Skylight claim to have found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign.

read more

Poland and Lithuania said Thursday they were looking into the potential security risks of using a Russian-made face-editing app that has triggered a viral social media trend where users post "aged" selfies.

read more

Users and organizations continue to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708, but over 800,000 systems are still exposed to attacks.

read more

Biometric Authentication is No Longer Just the Stuff of Spy Movies or Reserved for Military-Grade Installations

read more

Slack announced on Thursday that it’s resetting passwords for accounts that users have not secured after the data breach suffered by the company back in 2015.

read more

The chart-topping Russian-made FaceApp, which allows users to see how they will look as they age, found itself in the eye of a political storm in the US Wednesday, with one senator urging an FBI investigation into its "national security and privacy risks".

read more

Flashpoint security researchers have discovered a new malware framework that managed to gather over one billion fraudulent ad impressions in the past three months.

read more

California’s state auditor raised alarms Tuesday about information security in some state offices and called for additional oversight and regular assessments.

read more

A recently discovered ongoing campaign attributed to the StrongPity threat actor abuses malicious WinBox installers to infect victims, AT&T’s Alien Labs security researchers reveal.

read more

Microsoft says it has detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits.

read more

Drupal developers on Wednesday informed users that version 8.7.4 is affected by a potentially serious vulnerability, and advised them to update to version 8.7.5, which addresses the issue.

read more