Citizen Lab investigates the targeting of Chinese language news websites in a phishing attack that leveraged the NetWire remote access Trojan.

GnuPG recently patched cryptographic library Libgcrypt, preventing a local side-channel attack; something that could have allowed full key recovery for RSA-1024.

Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks.

Developers of Classic Ether Wallet said an attacker managed to hijack the domain for the wallet via social engineering late Thursday evening.

Siemens patched a recently disclosed vulnerability pertaining to systems with specific Intel processors. If exploited, the flaw could let an attacker gain system privileges.

A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review.

Mike Mimoso and Chris Brook discuss this week’s ExPetr global ransomware outbreak, how it was distributed, the wiper aspect, and similarities to 2016’s Petya ransomware.

The glaring privacy issues tied to an online health and beauty retailer allows customers to log-in to their user accounts with just their email address – no password needed.

The global outbreak of the Petya/ExPetr malware wasn’t a ransomware attack, it was wiper malware aimed to sabotage, according to experts.

Ubuntu fixed a Linux bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload this week.