A Trojan program is being distributed through USB drives and seems to be designed for stealing information from so-called air-gapped computers that are not connected to the Internet.
Microsoft has added a new option in Office 2016 that allows administrators to block macros -- embedded automation scripts -- from running in Word, Excel and PowerPoint documents that originate from the Internet.
Systems administrators should get ready to fix a critical vulnerability on April 12 that affects the Windows and Samba implementations of the Server Message Block (SMB) protocol.
An application that allows users to root their Android devices is taking advantage of a security flaw in the Linux kernel that has remained unpatched in Android since its discovery two years ago.
Engineers from Google, Microsoft, Yahoo, Comcast, LinkedIn and 1&1 have devised a new mechanism that improves the encryption of email traffic.
Hackers have used 21 new vulnerabilities in their attacks against browsers and operatings systems during this year's Pwn2Own hacking contest.
Security researchers exploited previously unknown vulnerabilities in Apple Safari, Google Chrome and Flash Player to compromise the latest versions of OS X and Windows during the first day of the annual Pwn2Own hacking contest.
A new email-based attack campaign is targeting key employees from companies in the US, Middle East and Asia with the goal of compromising their computers and email accounts.
An increasing number of cyberespionage groups are using stolen code-signing certificates to make their hacking tools and malware look like legitimate applications.
Symantec will offer free basic SSL/TLS certificates to domain owners through Web hosting companies that join its new Encryption Everywhere program.
A new spam campaign combines documents with malicious macros, encoded PowerShell scripts and fileless malware to compromise computers used for financial transactions, researchers from Palo Alto Networks found.
A two-year-old vulnerability in Java can still be exploited in the latest versions because the patch for it is ineffective, security researchers have found.
Adobe Systems released new versions of Flash Player in order to fix 18 critical vulnerabilities that can be exploited to take over computers, including one flaw that's already targeted by attackers.
Cisco Systems has patched high-impact vulnerabilities in several of its cable modem and residential gateway devices that are distributed by some ISPs to their customers.
The KeRanger file-encrypting ransomware program for Mac OS X is based on Linux.Encoder and contains crypto flaws that could allow users to recover their files without paying cybercriminals.