The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.
But rate of funding appears unsustainable, according to Strategic Cyber Ventures.
An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.
The PCI Software Security Framework will eventually replace PCI DA-DSS when it expires in 2022.
For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.
Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.
Data appears to be from multiple breaches over past few years, says researcher who discovered it.
Facebook says the accounts and pages were part of two unrelated disinformation operations aimed at targets outside the US.
A new program will pay bounties of up to $20,000 for new critical bugs in the company's Azure DevOps systems and services.
Multiple threat actors are using relatively simple techniques to take advantage of the vulnerability, launching cryptominers, skimmers, and other malware payloads.
The network no longer provides an air gap against external threats, but access devices can take up the slack.
New global survey shows businesses are valuing IoT security more highly, but they are still challenged by IoT data visibility and privacy.
A skilled attacker can get inside your company by abusing common email applications. Here are three strategies to block them.
Get up close and personal with the latest tools and techniques for testing (and breaking) everything from HTTPS to deep neural networks to Microsoft Office!
Researchers dig into vulnerabilities in popular building automation systems, devices.
The Oklahoma Securities Commission accidentally leaked 3 TB of information, including data on years of FBI investigations.
When it comes to acceptable circumstances for government disclosure of zero-days, the new Vulnerabilities Equity Process might be the accountability practice security advocates have been waiting for.