Several new techniques have become available recently that give attackers an easy way to abuse legitimate Windows services and escalate low-level privileges on a system to gain full control of it.

A study into the use and popularity of the Internet's TLDs over a 10-year period shows that many newer TLDs may present more of a security nuisance for organizations than anything else.

A Northeastern University research team finds code defects -- and some vulnerabilities -- by detecting when programmers used different code snippets to perform the same functions.

Security awareness company KnowBe4 successfully debuted on the NASDAQ, with its initial public offering bringing in more than $150 million to fund the company's international expansion and a focus on new automation and machine learning features.

The DHS's Cybersecurity and Infrastructure Security Agency (CISA) today issued ICS advisories for vulnerabilities in the Horner Automation Cscape software and the Mitsubishi Electric GOT.

At least 10,000 UK nationals have been approached by malicious individuals using fraudulent profiles on the professional networking site, the BBC reports, citing security agency MI5.

Weak passwords used over the Windows Server Message Block (SMB) protocol are often part of attacks that result in the spread of Purple Fox malware, Specops researchers report.

A high-level manager of cybercrime group FIN7, also known as the Carbanak Group and the Navigator Group, has been sentenced to ten years in prison, the Department of Justice reports.

Google this week released Chrome 90 to the stable channel for Windows, Mac, and Linux. The update brings 37 security fixes, HTTPS by default, and other updates to the browser.

The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep their guard up amid a wave of attacks targeting this particular group.