A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple and massive spam campaigns distributing the malware via the Necurs botnet.

Dan Geer’s Source Boston keynote included a declaration that cybersecurity and humanity’s future are forever conjoined.

Apple takes countermeasures to neutralize OSX/Dok HTTPS-snooping malware by revoking a hijacked certificate updating its XProtect built-in anti-malware software.

Verizon’s Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage.

Brazilian cybercriminals are using the original version of the XPan ransomware, targeting small to medium-sized business based in Brazil with the malware.

A new ransomware-as-a-service called Karmen appeals to ransomware newbies with a low price, easy setup and developer updates.

A rash of Java-based remote access Trojans is targeting tax filers with bogus IRS attachments.

What does ‘encrypting the whole internet mean’: can it be done and is it a good idea?

Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.

Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.