DARKReading

The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptographic failures at the top and creating three new risk categories.

Security researchers share the details of four flaws in Open Management Infrastructure, which is deployed on a large number of Linux virtual machines in Azure.

Having a gold copy of critical data offline is essential in every organization's disaster recovery or continuity plan. Follow the 3-2-1-1 rule to secure your data.

Privacy firm Kape says deal will double customer base and broaden reach into consumer VPN market

Follow these best practices to avoid the security holes created by these often-overlooked, but ubiquitous, devices.

Users can now delete passwords from their Microsoft account and instead use Windows Hello, Microsoft Authenticator, or physical security keys to log in.

There's a scarcity of customers using managed security services who are willing to talk to others about their experiences. Here's how to work with your vendor(s) to leverage their customers' experiences and hard-won wisdom.

Why hasn't a problem that's lasted for more than 40 years been solved after hundreds of billions of dollars have been spent? Let's take a new approach.

This month's Patch Tuesday release addresses a remote code execution bug under active attack and a publicly known flaw in Windows DNS.

Neosec, founded by the security experts behind LightCyber, aims to bring principles from extended detection and response to API security.