Lawfare editor on persistent DDoS attack: 'We wish they'd knock it off'

GitHub will automatically scan for access tokens in public code with its new beta. It's also launching an API for security advisories.

Researchers at Cylance have uncovered remote access tools linked to the infamous Vietnamese hacking group APT32.

Cybersecurity researchers at ESET have identified a spinoff to the infamous Russian hacking group.

WhiteSource says that as more organizations implement open source components, there's a growing need for automated open source bug monitoring services.

While data is being illicitly sold, it was not necessarily illicitly obtained, as voter records are in many cases public records.

The utility has vowed not to pay a ransom for the attack, which will force the company to rebuild its computer systems.

The company also says the FBI has been brought in for an investigation.

Republican senators have written to Google CEO Sundar Pichai demanding to know why the company was reportedly slow to disclose a software flaw in its Google+ social network.

While some companies are choosing to avoid the Google Play Store, Talos says "GPlayed" highlights the risks of downloading apps from third-party websites.

New research provides evidence that a group with Russian military ties was involved with the NotPetya and BlackEnergy incidents in Ukraine.

Senators sought answers from the DHS and FBI head about a reported widespread supply chain attack, as well as foreign election interference.

A news report claiming a compromise of U.S. companies’ supply chains by Chinese spies has triggered an extensive search for evidence that has so far turned up nothing.

The hacking group, dubbed "Gallmaker," has been going after diplomatic and military targets in a campaign that researchers say is difficult to detect.

A new book charts the history of the weaponization of information and explains how the U.S. is still struggling to cope with the phenomenon.

RiskIQ says certain factors limited the scope of this compromise, and there are lessons learned as to how to avoid it.

In March, Google found that a flaw in its Google+ People API exposed data including name, email address, occupation, gender and age. "We found no evidence that any profile data was misused," the company said.

U.S. and British security agencies have backed statements by Apple and Amazon Web Services disputing an explosive news report claiming that the Chinese compromised hardware used by the tech giants.

Whether or not foreign government hackers see the inside of a U.S. courtroom, indicting them is key to American deterrence policy, Adam Hickey said.

The Boston-based company stresses that its platform carries out real attacks, not simulated ones, on its customers networks to assess risks and vulnerabilities.

A new report from password management company LogMeIn found that the bigger the enterprise, the bigger the problem when it comes to managing passwords.