Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.

Personal and business data belonging to Boston area meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has since been locked down.

Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket.

Despite yesterday’s leak of the Apple iOS Secure Enclave decryption key, experts are urging calm over claims of an immediate threat to user data.

Mike Mimoso and Tom Spring discuss this week’s security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe’s decision to end-of-life Flash Player.

A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.

Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.

IBM researchers have demonstrated a filesystem-level version of the Rowhammer attack against MLC NAND flash memory.

Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.