A researcher at the Security Analyst Summit described the insecure state Samsung’s Tizen operating system.

Attackers are attempting to exploit the recent Apache Struts vulnerability on Windows servers and the payload is a variant of the Cerber ransomware.

David Jacoby and Frans Rosén said at this year’s Security Analyst Summit they offered companies free pen-testing and raised $15,000 for charity in the process.

A previously undisclosed baseband vulnerability impacting Huawei smartphones, laptop WWAN modules and IoT components was revealed Thursday at the Infiltrate Conference

Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.

Mike Mimoso and Chris Brook recap the second day of Kaspersky Lab’s Security Analyst Summit, including how a Brazilian bank was compromised, and more.

Cisco Talos researchers spot a stealthy new remote administration tool calling ROKRAT that targets Korean-language Microsoft Word alternative Hangul Word Processor.

Researchers say a variant of the notorious surveillance software called Pegasus has been targeting Android users allowing third parties to take screenshots, capture audio, read email and exfiltrate data from targeted phones.

Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.

At the Security Analyst Summit, Mark Dowd described how memory corruption mitigations are successfully driving up exploit development costs.