Application Security
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...
Hi, what are you looking for?
SecurityWeek
Malware & Threats
Cybereason GootLoader as a ‘severe’ threat, as the malware uses a combination of evasion and living off the land techniques, making its presence difficult...
Malware & Threats
The New York Office of the Attorney General has fined Patrick Hinchy and 16 of his companies for illegally promoting spyware.
Malware & Threats
Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.
Malware & Threats
The sophisticated HeadCrab malware has infected at least 1,200 Redis servers and abused them for cryptomining.
Cybercrime
The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.
Malware & Threats
Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.
Cybercrime
The recently detailed Internet of Things (IoT) botnet Zerobot has been updated with an expanded list of exploits and distributed denial-of-service (DDoS) capabilities.
Cybercrime
The highly active Royal ransomware is operated by seasoned threat actors who used to be part of Conti Team One, cybersecurity firm Trend Micro...
Cybercrime
The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries, threat intelligence firm Group-IB warns.
Cyberwarfare
Russia-linked Gamaredon, a hacking group known for providing services to other advanced persistent threat (APT) actors, is one of the most intrusive, continuously active...
Cybercrime
Recent Play ransomware attacks targeting Exchange servers were observed using a new exploit chain that bypasses Microsoft’s ProxyNotShell mitigations.
Cybercrime
A recently identified information stealer named ‘RisePro’ is being distributed by pay-per-install malware downloader service ‘PrivateLoader’, cyberthreat firm Flashpoint reports.Written in C++, RisePro harvests...
Application Security
Foxit Software has rolled out a critical-severity patch to cover a dangerous remote code execution flaw in its flagship PDF Reader and PDF Editor...
Cybercrime
Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK)...
Cybercrime
An analysis conducted by OT and IoT cybersecurity firm Nozomi Networks shows that the Glupteba botnet is still active following Google’s efforts to disrupt...
Application Security
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA)...
Cybercrime
North Korean hackers working for the government stole virtual assets last year estimated to be worth between $630 million and more than $1 billion, U.N. experts...
Cyberwarfare
Cybersecurity Funding
Vulnerabilities
