Attackers behind February’s fileless malware attacks dropped malware on some bank ATMs that gave them the ability to dispense money, “at any time, at the touch of a button.”

The lines between between information shared between intelligence services, companies, and the government are getting increasingly blurry, a Georgetown professor warned.

At the Security Analyst Summit, Mark Dowd described how memory corruption mitigations are successfully driving up exploit development costs.

Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.

Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker.

The Electronic Frontier Foundation retracted a blog post today highly critical of Verizon and the upcoming rollout of an app called AppFlash made by Evie Labs.

This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.

Researchers warn of a wave in aviation-themed phishing attacks that aim to steal credentials and install malware.

Researchers are tracking a new variant of the Mirai malware after it launched a 54-hour long DDoS attack against a U.S. college.

Owners of Github repositories were the focus of a phishing campaign spreading the Dimnie information-stealing malware.