Security firm Embedi releases further details on the Intel AMT flaw, revealing how it can be exploited and how potentially dangerous it can be.

More than 200 Android mobile applications listen surreptitiously for ultrasonic beacons embedded in audio that are used to track users and serve them with targeted advertising.

The news of the week is discussed, including the Gmail/Google Docs phishing attack, the Intel AMT vulnerability, IBM’s malware-laden USB drives, and drone security.

Hackers behind the Carbanak criminal gang have devised a clever way to gain persistence on targeted systems to more effectively pull off financially motivated crimes.

Researchers said good social engineering and users’ trust in the convenience afforded by the OAUTH mechanism guaranteed Wednesday’s Google Docs phishing attacks would spread quickly.

Security researchers say the Blackmoon banking Trojan targeting exclusively South Korean financial institutions has developed a new malware infection technique.

Travel services company Sabre Corp. said in a SEC filing that its investigating a data breach in its Hospitality Solutions reservation system.

Embedi, which is behind the Intel AMT vulnerability revealed Monday, seeks to clarify “baseless assumptions” being made about the flaw.

NIST’s latest password guidelines focus less on length and complexity of secrets and more on other measures such as 2FA, throttling, and blacklists.

Fuze addressed two issues that publicly exposed recordings of private business meetings made over the collaboration platform.