Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.

VMware patched vulnerabilities uncovered earlier this month at Pwn2Own that could have let an attacker execute code on the VMware Workstation and carry out a virtual machine escape.

The FBI warned medical and dental offices running FTP servers in anonymous mode that criminals are targeting these installations and stealing personal healthcare information.

Harley Geiger, director of public policy at Rapid7, talks about how policy goes hand in hand with technology when it comes to cybersecurity, the government’s focus on IoT and critical infrastructure, and more.

Microsoft patched a zero-day vulnerability actively used in a campaign by a hacking group known as Zirconium.

Apple fixed hundreds of bugs, 223 to be exact, across macOS Sierra, iOS, Safari, watchOS, and tvOS on Monday.

Researchers report new connections between Magic Hound and Shamoon 2, along with descriptions of how the Disttrack malware component of campaigns moves laterally within infected networks.

APT29, a/k/a Cozy Bear, has used Tor and a technique called domain fronting in order to secure backdoor access to targets for nearly two years running.

Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.

Security experts say they are skeptical that a group called Turkish Crime Family actually possess a cache of hundreds of millions of Apple iCloud account credentials.