A sudden wave of attacks against insecure databases resulting in ransom demands points to wave of data hijacking attacks.

RSA 2017 is previewed and last week’s report on iOS apps being vulnerable to interception attacks, macro malware coming to MacOS, and new Uber open source module are discussed.

WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.

The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it said could lead to a crash.

Researchers have spotted an increase in CryptoShield ransomware infections coming from the RIG Exploit Kit used by EITest delivery campaigns.

Security researcher Dino Dai Zovi talks about a new company he cofounded called Capsule8 that will help IT organizations counter threats to Linux infrastructures.

Attackers have been using fileless malware to hide in the memory of enterprises, steal data, and vanish without a trace.

A cross-site scripting vulnerability on the Steam gaming platform has been patched. The flaw could be exploited by simply viewing a crafted profile.

Developers at Uber have unveiled a new module to help users enable the continuous re-authentication of SSH keys.

A new industry consortium publishes a manifesto it hopes will foster cooperation on the security of autonomous vehicles.