Enlarge (credit: Getty Images) Identity and authentication management provider Okta has been hit by another breach, this one against a third-party vendor that allowed hackers to steal personal information for 5,000 Okta employees. The compromise was carried out in late September against Rightway Healthcare, a service Okta uses …

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Apple last week shipped emergency updates …

Enlarge / CAPTCHAs are meant to prevent these kinds of browsing scenarios, not train us all to better recognize vehicles and infrastructure in grainy photos. (credit: Getty Images) Cloudflare has recently made an audacious claim: We could all be doing something better with our lives than deciding which images contain …

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures …

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “ Meris,” the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about …

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols. [...]