Google has shared details of a 0-day vulnerability in Windows a mere 10 days after informing Microsoft of the problem. In Google's own words, "this vulnerability is particularly serious because we know it is being actively exploited", but the company is accused of putting users at risk.

Microsoft is yet to produce a patch for the security problem, and it's not clear when one will be released.

Pretty much all IT operations professionals (99 percent) agree: adopting a DevOps culture can improve application security. This is according to a new report by Hewlett Packard Enterprise.

The report, titled Application Security and DevOps Report 2016, also emphasizes that just a fifth (20 percent) of respondents test their application’s security during development, and 17 percent are using no technologies whatsoever to protect their apps. The conclusion of the report is simple: there is a significant disconnect between perception and reality of secure DevOps.

"There is a time to take counsel of your fears," General George S. Patton once famously said. Halloween marks the end of National Cyber Security Awareness Month (NCSAM). Let’s make this the time to take counsel of the cyber security fears that keep us up at night.

We asked more than 250 business professionals from across the country to share their concerns. Their answers seem influenced by recent headlines, the pending election, and the coming shopping season.

The consequences of a security breach in the healthcare sector can be severe, yet a new survey reveals that healthcare staff are among the most likely to fall victim to social engineering attacks.

The study from SecurityScorecard exposes vulnerabilities across 700 healthcare organizations including medical treatment facilities, health insurance agencies and healthcare manufacturing companies.

If someone sends you a document, modern versions of Microsoft Office will automatically open it in Protected View, to keep you safe from malware. If you need to edit it, you can do so, but it's at your own risk.

Office 2016 also gives administrators the ability to prevent users from running macros in Office documents that originated from the Internet, adding further protection. Frustratingly, this feature wasn’t made available in Office 2013, leaving users of the older suite at risk.

Because it isn't detected by traditional, signature based anti-virus solutions, zero-day malware has the potential to wreak havoc in businesses of all sizes.

Cyber security company Comodo is launching a new, free forensic analysis service to help enterprises discover previously unknown and undetected malware that could cause serious security issues or data breaches.

The US mobile workforce is set to grow to 105.4 million workers by 2020 according to IDC and this creates a challenge for businesses trying to control and secure deployments.

In a bid to make things easier, networking solutions company Brocade is launching its latest Ruckus Cloudpath platform to enable IT organizations of any size to easily establish secure, policy-based access for wired and wireless devices.

Dirty COW is a privilege escalation vulnerability found in the Linux kernel. Although it’s been there for nine years, it’s only recently been identified.

The vulnerability, which affects the 'copy-on-write' (COW) mechanism, can be found in most Linux distros, and since the Raspberry Pi runs Linux, it too is at risk.

Following the large scale cyberattack that took down a number of high-profile sites last Friday, a Chinese electronics component manufacturer has admitted that its products were used by the attackers behind the disruption.

Hangzhou Xiongmai Technology, which produces DVRs and internet-connect cameras, has come forward to acknowledge that its products were exploited and that the attackers had taken advantage of security vulnerabilities resulting from weak default passwords.

The security habits of the millennial generation could be putting federal IT systems at risk, if agencies don't adjust their cyber defenses in time.

This finding comes from a new study by cyber security company Forcepoint, which examines how members of the millennial generation use technology.

We've already seen concerns about the threats Internet of Things gadgets may pose in the home, with hackable Barbie dolls and snooping Smart TVs. Not to mention that the latest Dyn DDoS attack was carried out using unsecured IoT devices.

IoT devices are starting to become commonplace in businesses too so the potential for problems can only grow. Security company ForeScout, along with leading ethical hacker Samy Kamkar, has been investigating the risks these devices pose.

Attacks on the inter-bank SWIFT system have been making the headlines this year, proving lucrative for the hackers and worrying for the industry.

Help is on the way though as Cyber security company TrapX is launching a deception-based security solution, DeceptionGrid, specifically designed protect SWIFT.

We're seeing attacks on endpoint systems becoming more common and increasingly clever. Yet for administrators knowing what's happening on their endpoints presents a challenge.

Privileged account management specialist Thycotic is launching a new, free Endpoint Application Discovery Tool to automatically discover and reports on applications installed on Windows endpoints.

Smartphones from LG, Samsung and Motorola are all vulnerable to an attack that makes it possible to gain root access in a matter of seconds. Known as Rowhammer, the attack works using a bit flipping technique that exploits a vulnerability in the design of RAM chips.

Because the attack takes advantage of a physical aspect of design, it is going to be difficult to quickly devise a fix. In the meantime, millions of smartphones are at risk of compromise in what could be as large an issue as the recently-discovered Dirty COW bug -- and there's an app you can use to check if you are at risk.

San Diego, Calif. As a general rule I never connect to public WiFi networks, which is fine except when attending an event at a hotel ballroom where T-Mobile cellular is like an apparition dancing around a Halloween grave. So as Wendell Brooks, CEO of Intel Capital, begins his speech, I sit typing narrative offline rather than tweeting live. There’s irony, I suppose, reporting old style, about investments in new innovations.

Welcome to the trials and travails of the Intel Capital Global Summit, which kicks off today and goes through October 26. Looking at the lineup, I expect to hear about newfangled tech that would make news reporting so much easier if available—although 4G cellular data would be good enough for today.