Kaspersky Lab’s endpoint security products track your web activity. The Russian company even monitors visits to https-secured websites.

The moral of the story? Your users are innocently picking up spare cables in conference rooms, or buying generic Chinese cables on Amazon. Think about that for a moment—now panic.

Driver Danger; Firmware Fracas: Many Windows drivers permit malware to access anything, subverting controls that separate user space from the kernel.

Researchers found 35 ES&S voting machines connected to the internet, contradicting statements by election officials and the manufacturer.

Insider threats come in many forms. How bribable are your employees?

A few months after confirming five vulnerabilities known as Dragonblood in the WPA3 standard, researchers have now found two more.

Never mind your wallet—what’s in your WAF ruleset?

No More Ransom is a global partnership between public and private sectors, including community involvement, 151-strong over three years.

Now we have the Senate Intel Committee’s report on how Russia sought to influence the 2016 elections and how it might do it again in 2020.

The moral of the story: Try to avoid being inept and negligent, OK?

Russia’s notorious federal security service, the FSB, has a secret project to de-anonymize Tor. Big news or nothing to see here?

Browser extensions might be selling your private data to the highest bidder—actions that might violate GDPR and similar regulations.

The moral of the story: Audit and red-team your partners too—not just your own architecture.

Last week, we learned that the Zoom app for macOS has a nasty bug, allowing a hacker to spy on you. But the issue is worse than we thought.

Google gives contractors access to your voice, and now, recordings made secretly by Google devices and apps have leaked to the press.

The moral of the story? Red-team your apps—before someone else does.

A spear-phishing campaign has been detected that uses fileless and living-off-the-land methods to run the Astaroth data-stealing malware.

Multiple organizations are using facial recognition on driver's license photos to catch criminals. That's a major privacy violation, some say.

The U.S. Food and Drug Administration says certain insulin pumps made by Medtronic are hackable, and there’s no way to fix them. Once again, there’s no encryption and precious little authentication.

What if the missile warning to residents in Hawaii 18 months ago wasn't a "miscommunication" but a hack done by North Korea? Researchers show how easy it is to spoof an emergency alert.