Even if you have the basics of security policy, are you sure your actual implementation is on track?

At least 10 cell providers have been compromised, losing the call detail records for “hundreds of millions” of telco customers.

The U.S. has been hacking Iran. Allegedly U.S. Cyber Command has launched cyber strikes against Iranian command-and-control systems.

The city of Riviera Beach, Florida, has “given in” to ransomware. And it’s the biggest municipal ransom we’ve seen: ₿65—about $600,000.

Nothing is secure from physical access: Where there’s a will, there’s an exploit. Once the Cellebrite genie is out of the bottle, how can they contain it?

The cyber cold war continues: Deep-throat sources claim the U.S. has implanted malware deep into Russia’s electricity grid. But hang on, something smells fishy.

Telegram, the encrypted messaging app, has come under sustained DDoS attack, which was traced back to IP addresses in China. It’s widely believed this is an attempt to disrupt citizen protests in Hong Kong, which are being coordinated using Telegram’ ...

Researchers have been experimenting with Rowhammer. And what they’ve found will shock you. RAMBleed is their catchy name for an arsenal of ways to read any physical memory on a machine. Yes, any memory: It works across processes, containers, and ev ...

The U.S. Customs and Border Protection admits its contractor has lost some pictures of people going in and out of the U.S.

Next year’s US elections will be no more secure than in 2016. That’s the depressing conclusion from reports out this week.

App devs: Don’t be tempted to follow suit; make sure third-parties aren’t using these sort of obnoxious practices. IT: Got MDM yet?

Millions of people might have had their financial and medical information stolen due to a Quest Diagnostics and AMCA data breach.

A typical iPhone has thousands of trackers, silently reporting back to their motherships. And people are saying Apple is complicit.

European regulators are only warming up. Year Two of GDPR promises to be "interesting."

First American Financial is the latest huge corporation being cavalier with your data. Its website has been serving up title documents to anyone who can count.

A Belgian security researcher dubbed SandboxEscaper unleashed four Windows zero-days, dropping her proofs-of-concept onto GitHub this week.

Time to get serious about security-focused code reviews. And mandate 2FA already.

The sensitive data of almost 50 million Instagram “influencers” has been leaked and is at risk, thanks to yet another unsecured AWS instance.

11 members of the GozNym malware network have infected 41,000 PCs via phishy spam campaigns. Six have been apprehended and are in custody.

Layered security only works if the layers are, y'know, secure.