Attackers can remotely execute code on targeted systems via specially crafted subtitle files for videos.

Android O, due in the third quarter, figures to elevate the security of the mobile OS with new features focused on improved third-party patching, a new permission model and hardening of existing features.

Researcher Chris Evans reported a new bug and showed how also used a previously known flaw in ImageMagick to leak Yahoo server data and steal images and authentication secrets.

Apple revealed this week that it received at least one National Security Letter from the U.S. government for user data during the last six months of 2016

The country’s top cybersecurity boss said the country is headed the wrong way when it comes to cybersecurity.

Verizon patched late last year persistent- DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user’s session.

A worm called EternalRocks has been spreading seven Windows SMB exploits leaked by the ShadowBrokers, including EternalBlue, which was used to spread WannaCry.

Jaya Baloo, CISO of KPN, the Netherlands’ leading telecommunications provider, talks to Mike Mimoso about the WannaCry ransomware outbreak and how large network providers and enterprises must contend with advanced attacks.

The Terror exploit kit has matured into a greater threat and carefully crafts attacks based on a user’s browser environment.

Tools are beginning to emerge that can be used to begin the process of recovering files encrypted by WannaCry on some Windows systems.