At Black Hat, two RIT professors are expected to deliver a talk about the professional skills gap in security and how academic programs are falling short.

Researchers have a devised a way to trick a web server into caching pages and exposing personal data to attackers.

Mike Mimoso and Tom Spring preview Black Hat, which starts tomorrow in Las Vegas.

Researcher Paulos Yibelo said that Dashlane elected not to patch a vulnerability he disclosed more than a year ago in all versions of the password manager application.

A hacker that goes by the name “BestBuy” admitted to a German court that he was behind an attack last year that knocked over a million Deutsche Telekom customers offline.

This week at Black Hat, Mac malware expert Patrick Wardle will describe how he used a custom-built command and control server to analyze new spying capabilities in a variant of the FruitFly backdoor.

Researchers with IBM and Flashpoint warn the Trickbot Trojan is growing more potent and now targeting U.S. banks.

A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.

Apple released iOS 10.3.3 Wednesday that serves as a cumulative patch update for multiple vulnerabilities including the high-profile BroadPwn bug.

U.S. authorities along with law enforcement Europe and Asia announced today the takedown of the dark web’s largest illicit market, AlphaBay.

The Tor Project is launching a public bug bounty program to encourage security researchers to responsibly report issues they find in the software.

Senator Ron Wyden is pushing to mandate government-wide use of the email authentication protocol DMARC “to ensure that hackers cannot send emails that impersonate federal agencies.”

Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France.

Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attacks to remotely gain control over devices or crash them.

Oracle's July Critical Patch Update included fixes for 308 vulnerabilities, 165 of which are remotely exploitable.

Oracle today in its Critical Patch Update addressed a critical vulnerability in its Oracle E-Business Suite of business applications that allows for the download of business documents.

Hackers hijacked CoinDash’s initial coin offering Monday, stealing $7.7 million in cryptocurrency from the nascent trading platform.

Cloudflare and network operator Credo Mobile suffered a legal defeat when U.S. appeals court ruled to uphold a gag order on FBI surveillance data.

Researchers discovered an active Twitter botnet made up of 38,000 bots, generating 8.5 million tweets and netting over 30 million clicks from its victims.

Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco's WebEx extension for Chrome and Firefox that allows for remote code execution.