Git Some Security: Locking Down GitHub Hygiene

In the age of DevOps and agile development practices that lean heavily on GitHub and other cloud resources, strong controls are more important than ever.

New Banking Trojan Similar to Dridex, Zeus, Gozi

IBM researchers uncover a new form of banking malware distributed as a second-stage infection via the Emotet Trojan.

LockPoS Malware Sneaks onto Kernel via new Injection Technique

"Alarming evolution" of Flokibot bypasses antivirus software and was likely built by a group of advanced attackers, researchers say.

Survey Suggests Many Are Still Waiting for Spectre, Meltdown Windows Updates

Microsoft's insistence on a specific registry key setting for offering the updates on systems appears to be the issue, security vendor Barkly says.

NIST Releases New Cybersecurity Framework Draft

Updated version includes changes to some existing guidelines - and adds some new ones.

Microsoft Azure AD Connect Flaw Elevates Employee Privilege

An improper default configuration gives employees unnecessary administrative privilege without their knowledge, making them ideal targets for hackers.

Cisco Adds Encrypted Traffic Analysis Function

New Encrypted Traffic Analytics is designed to help enterprises inspect encrypted traffic for malicious activity without having to decrypt it first.

Samsung’s Mobile Device Bug Bounty Program Gets a Boost

Samsung Electronics partners with Bugcrowd to deliver timely payments for its Mobile Security Rewards Program.

Attack Attribution Tricky Say Some as US Blames North Korea for...

There's not enough evidence to conclusively tie the rogue regime to the ransomware attacks, some security experts say.

Vulnerable Mobile Apps: The Next ICS/SCADA Cyber Threat

Researchers find nearly 150 vulnerabilities in SCADA mobile apps downloadable from Google Play.

France Might Vet Acquisitions of AI, Data Protection Firms

Finance minister says country may add artificial intelligence and data security to list of nation's strategically important, regulated sectors

Forever 21 Found Malware and Encryption Disabled on its PoS Devices

The retailer found signs of unauthorized access and malware installed on point-of-sale devices during an investigation into last year's data breach.