Written By Shane Schick

Rotten Apples: MacSpy, MacRansom Bring Malware-as-a-Service Model to MacOS

The first Mac malware-as-a-service threats suggests attackers are starting to see the operating system as a potential target.

Application Security Report Calls Out Problems in Mobile, IoT Devices and DevOps

High-Tech Bridge released a report at InfoSecurity Europe 2017 highlighting some of the fastest growing application security threats to developers.

Facebook Highlights Two-Factor Authentication in Security Settings Redesign

Facebook is hoping to make improving security settings easier for users with two-factor authentication and redesigned menu navigation.

Subtitles Present New Opportunity for Remote Code Execution Across 200 Million Streaming Players

Researchers found that remote code execution attacks could occur via malicious subtitles used in many popular streaming video players.

Phony WordPress Domain Steals Cookies to Fool Web Admins

Cybercriminals have been stealing cookies and using a fraudulent WordPress API to impersonate users and take control of victims' browsing sessions.

SharePoint Users Worry That Poor Usage Puts Sensitive Data at Risk

The majority of Microsoft SharePoint users are calling for better controls and safeguards for sensitive data, according to a recent study.

LastPass Gets a Failing Grade From Researchers Who Say Passwords Could Be Exposed

Password manager LastPass was recently discovered to have serious security flaws that could leave the door open for cybercriminals.

Server Hacking Against vBulletin Users Escalates Following Emergency Patch

Cybercriminals were reportedly going on a server hacking spree weeks after vBulletin patched a major vulnerability in its popular online forum software.

App Developers’ Use of Back-end Cloud Services Puts Sensitive Data at Risk

App developers love using BaaS providers to store and host the data they collect from users, but researchers said it puts sensitive data in danger.

Google Plans Gmail Alerts That Flag Unencrypted Connections

Google announced that it will alert users when they receive emails sent via unencrypted connections in order to increase their overall security posture.