Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.

Saryu Nayyar, CEO at Gurucul, discusses the new Cold War and the potential for a cyberattack to prompt military action.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

Former Cisco employee Sudhish Kasaba Ramesh admitted to accessing Cisco’s cloud infrastructure and deleting 16,000 Webex Teams employee accounts.

Using homographic characters is an easy way to execute a convincing fake site. An attack that uses homographic characters to impersonate domain names and launch convincing but malicious websites ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their ...

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.