The group of hackers that crippled the computer infrastructure of Sony Pictures Entertainment in late 2014 has been responsible for a large number of attacks against organizations from South Korea, the U.S. and other countries over the past seven years.
Stories by Lucian Constantin
Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen their Windows computers and applications against publicly known and unknown software exploits.
The employees of at least six Russian banks were recently the target of a well-crafted email attack where hackers masqueraded as the Russian Central Bank to trick them into installing malware.
A Chinese iOS application recently found on Apple's official store contained hidden functionality that allowed users to install pirated apps on non-jailbroken devices, a technique that could also be leveraged by malware in the future.
Security software vendor Comodo patched a security weakness in its GeekBuddy remote PC support tool that could have enabled malware or exploits to gain admin privileges on computers.
Twitter has notified 10,000 users that their email address and phone number might have been exposed due to a bug in the website's password recovery feature.
Attackers can easily disable SimpliSafe home security systems from up to 30 meters away by using a device that costs around $250 to create, researchers from security firm IOActive found.
Up to 46,000 Internet accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can be easily taken over by hackers.
The Xen Project released new versions of its virtual machine hypervisor, but forgot to fully include two security patches that had been previously made available.
A cyberespionage group of Russian origin known as Pawn Storm is infecting Linux systems with a simple but effective Trojan program that doesn't require highly privileged access.
The Pwn2Own hacking contest in March will award security researchers for exploiting Google Chrome, Microsoft Edge, Apple Safari, Flash Player and, for the first time, VMware Workstation.
Cisco Systems patched a critical vulnerability that could allow remote attackers to take over Cisco Adaptive Security Appliance (ASA) firewalls configured as virtual private network servers by simply sending malformed network packets to them.
Microsoft released its second batch of security updates for this year, addressing a total of 36 flaws in Internet Explorer, Edge, Office, Windows and .NET Framework.
The Internal Revenue Service was the target of an attack that used stolen social security numbers and other taxpayer data to obtain PINs that can be used to file tax returns electronically.
A Java-based Trojan known as Adwind and AlienSpy has been rebranded as JSocket and is being sold as a service to all types of attackers, from opportunistic cybercriminals to cyberespionage groups.