There are a lot of different pitfalls when it comes to IoT security that developers need to avoid.
The exploit, which requires no user interaction, can give the attacker control of the affected device.
In many cases, companies that paid the ransom were scammed -- the data had simply been wiped.
The simple lesson in this case is to not pre-install software that violates user privacy.
The exposed information also includes names, birthdates and addresses, as well as some driver's license numbers, credit card numbers and other data.
The Dragonfly group now appears to be focused on compromising operational networks.
Widely used Java framework is once again updating for some highly impactful issues.
The campaign is just one of many currently distributing Locky ransomware.
Widely used ecommerce module had a flaw that could have been used as a stepping stone to a larger attack.
Next to reliable data backups, a good cyber insurance policy may be your best protection against the damage wrought by ransomware attacks.
For the second time in as many months, a software developer's website was compromised and used to distribute malware.
The NIAC says there's a 'narrow and fleeting window of opportunity' to organize effectively and prevent such attacks.
Over 62,000 phishing emails delivered the new threat in the first three days of the campaign alone.
By the end of the second day, Ukrposhta said services were back up and running, though slowly and with interruptions.
The three major open-source version control systems were all at risk from a flaw that could enable arbitrary code execution.
The FIN7/Carbanak hacker group is leveraging straightforward phishing emails to deliver a new JScript backdoor called Bateleur.
VIDEO: SafeBreach co-founder and CTO Itzik Kotler and VP of Security Research Amit Klein provide an overview of their Black Hat session on how to exploit anti-virus vendors.