In a world that isn't private by design, security, and liability implications for US-based cloud companies are huge.

As companies "shift left" -- pushing more responsibility for security onto developers -- the tools that are available are falling short, usability researchers say.

At Black Hat USA 2020, McAfee researchers showed how they were able to successfully trick a facial-recognition system into misclassifying one individual as an entirely different person.

Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.

When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.

The idea of "selling information security" is the area where security leaders struggle most, said Peter Keenan, CISO of a financial services company, in a DEF CON talk.

Three fundamental technologies - chatbots, audio fakes, and deepfake videos - have improved to the point that creating digital, realtime clones of people is merely a matter of integrating the systems.

In most of the macro-based attacks, human intervention on the part of the victim is required at least once, and usually twice.

A series of business email compromise campaigns has been targeting executives of more than 1,000 companies, most recently in the US and Canada.

Researchers at Israel's Ben-Gurion University (BGU) have developed a framework for continuously evaluating the resilience of end users to phishing and similar social engineering attacks.