Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

News 15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack

Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack

While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive. Continue Reading
By
- Arielle Waldman, News Writer

Guest Post 03 Dec 2021
IoT security needs zero trust to face new botnet trends

The growing threat of botnets that target IoT devices means that organizations must extend their perimeter access controls, including the use of zero trust. Continue Reading
By
- Jonathan Nguyen-Duy
News 01 Dec 2021
New Yanluowang ransomware mounting targeted attacks in US

Symantec threat analysts observed the new ransomware operation abusing legitimate tools such as ConnectWise's remote access product to move laterally inside networks. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Dec 2021
BlackByte ransomware attacks exploiting ProxyShell flaws

Red Canary said BlackByte's campaign is using wormable ransomware against organizations vulnerable to ProxyShell flaws in Microsoft Exchange. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 30 Nov 2021
Enterprise password security guidelines in a nutshell

In this concise guide to passwords, experts at Cyber Tec outline the security problems that put enterprises at risk and offer answers on how to solve them. Continue Reading
By
- Cyber Tec Security
News 30 Nov 2021
Windows Installer zero-day under active exploitation

McAfee said the Windows Installer vulnerability is being exploited in 23 countries around the world, including the United States, China, India and others. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 30 Nov 2021
walled garden

On the internet, a walled garden is an environment that controls the user's access to network-based content and services. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 29 Nov 2021
Hack 'Sabbath': Elusive new ransomware detected

A newly uncovered ransomware operation, dubbed UNC2190 or "Sabbath," has roots in a previous ransomware group but has so far been able to operate mostly undetected. Continue Reading
By
- Shaun Nichols
Tip 29 Nov 2021
Tackle IoT application security threats and vulnerabilities

By taking action to secure IoT applications and including them in a security strategy, IT admins can close off a tempting entry point to criminals. Continue Reading
By
- Julia Borgini, Spacebarpress Media
Tip 29 Nov 2021
How SBOMs for cybersecurity reduce software vulnerabilities

With SBOMs, companies will know what components constitute the software they purchase, making it easier for security teams to understand and manage vulnerabilities and risks. Continue Reading
By
- Ed Moyle, Drake Software
Feature 29 Nov 2021
Elastic Stack Security tutorial: How to create detection rules

This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Feature 29 Nov 2021
Elastic Security app enables affordable threat hunting

New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 29 Nov 2021
ProxyShell vs. ProxyLogon: What's the difference?

ProxyShell and ProxyLogon both affect Microsoft Exchange Servers, but they work in different ways. Continue Reading
By
- Brien Posey
Definition 24 Nov 2021
black hat hacker

A black hat hacker has been historically used to describe one who has malicious intent -- such as theft of information, fraud or disrupting systems -- but increasingly, more specific terms are being used to describe those people. Continue Reading
By
- Katie Terrell Hanna
- Taina Teravainen
News 23 Nov 2021
Apple files lawsuit against spyware vendor NSO Group

Apple sued the Israeli technology vendor, whose Pegasus spyware has been implicated in several malicious attacks on journalists, activists and government officials. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Nov 2021
Researcher drops instant admin Windows zero-day bug

A newly-disclosed zero-day vulnerability in Windows could potentially allow local users to elevate their permissions to administrator status, and Microsoft has yet to post a fix. Continue Reading
By
- Shaun Nichols
Definition 23 Nov 2021
footprinting

Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them. Continue Reading
By
- Andrew Zola
News 22 Nov 2021
Cryptocurrency exchange BTC-Alpha confirms ransomware attack

While it is common for threat actors to use cryptocurrency platforms to move and obfuscate ransom payments, this time an exchange platform was the victim of such an attack. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Nov 2021
Cybercriminals discuss new business model for zero-day exploits

Digital Shadows observed increased chatter on dark web forums about the possible emergence of a new business model that would rent out zero-day exploits as a service. Continue Reading
By
- Arielle Waldman, News Writer
Definition 19 Nov 2021
Nimda

First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the internet. Continue Reading
By
- Katie Terrell Hanna
News 18 Nov 2021
CISA, Microsoft warn of rise in cyber attacks from Iran

CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises. Continue Reading
By
- Shaun Nichols
News 18 Nov 2021
New side channel attack resurrects DNS poisoning threat

A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites. Continue Reading
By
- Shaun Nichols
News 17 Nov 2021
Malwarebytes slams Apple for inconsistent patching

At the center of the Apple criticism is an exploit chain that utilized two vulnerabilities -- one of which was only patched in macOS Big Sur for several months. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 17 Nov 2021
Risk & Repeat: Are ransomware busts having an effect?

International law enforcement agencies this year have stepped up efforts to address the ransomware threat with arrests, indictments and multimillion-dollar rewards. Continue Reading
By
- Rob Wright, Senior News Director
News 15 Nov 2021
Microsoft releases out-of-band update for Windows Server

Less than a week after November's Patch Tuesday, Microsoft released an unscheduled security update for Windows Server to address an authentication vulnerability. Continue Reading
By
- Shaun Nichols
News 15 Nov 2021
ProxyShell leads to domain-wide ransomware attack

The domain-wide ransomware attack utilized "almost no malware," and the threat actor accomplished the attack with the months-old ProxyShell vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 Nov 2021
virus hoax

A virus hoax is a false warning about a computer virus. Continue Reading
By
- Katie Terrell Hanna
Feature 11 Nov 2021
Tools to conduct security chaos engineering tests

Security teams are becoming curious about how chaos engineering can benefit them. Read about the security chaos engineering tools available for early adopters. Continue Reading
By
- Kyle Johnson, Technology Editor
News 11 Nov 2021
Trend Micro reveals 'Void Balaur' cybermercenary group

New Trend Micro research revealed a cybermercenary group that has been actively targeting high-profile organizations and individuals across the globe since 2015. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Nov 2021
Citrix DDOS bug leaves networks vulnerable

Citrix patched a critical bug in its Application Delivery Controller and Gateway software that left networks open to DDOS attacks. It also fixed a less-severe SD-WAN WANOP bug. Continue Reading
By
- Madelaine Millar, TechTarget
News 11 Nov 2021
'King of Fraud' sentenced for Methbot botnet operation

Aleksandr Zhukov was sentenced to 10 years in prison for the theft of $7 million in a massive digital advertising fraud operation using his 'Methbot' botnet. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Nov 2021
US targets REvil, DarkSide ransomware with $10M rewards

Infosec experts weigh in on the U.S. government's latest tactic to thwart ransomware operations -- the offering of rewards of up to $10 million for information on operators. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Nov 2021
Medical devices at risk from Siemens Nucleus vulnerabilities

Thirteen bugs, including a critical security flaw, have been patched in the Siemens Nucleus TCP/IP stack, a vital component for millions of connected medical devices. Continue Reading
By
- Shaun Nichols
News 08 Nov 2021
REvil ransomware affiliates arrested in international takedown

Europol said the two suspected REvil affiliates were allegedly responsible for 5,000 ransomware infections and received approximately half a million euros in ransom payments. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Nov 2021
BlackMatter claims to shut down ransomware operations

Operators behind the ransomware, known to target critical infrastructure, attributed the shutdown to pressure from authorities and the disappearance of team members. Continue Reading
By
- Arielle Waldman, News Writer
Definition 29 Oct 2021
shoulder surfing

Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Continue Reading
By
- Katie Terrell Hanna
Definition 29 Oct 2021
adware

Adware is any software application in which an advertising banner or other advertising material displays or downloads while a program is running. Continue Reading
By
- Ben Lutkevich, Site Editor
- Taina Teravainen
News 28 Oct 2021
Avast releases decryptors for multiple ransomware strains

Victims of three separate ransomware families can now recover data using tools developed by the antivirus vendor with help from a malware analyst and an alleged Babuk developer. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Oct 2021
Emsisoft cracked BlackMatter ransomware, recovered victims' data

Emsisoft developed a decryptor for BlackMatter and also found vulnerabilities in about a dozen other ransomware families that can be used to recover victims' data. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Oct 2021
Federal agencies issue warning on BlackMatter ransomware

U.S. government agencies say a new family of malware could create problems for critical infrastructure by shutting down critical networks and disrupting commerce. Continue Reading
By
- Shaun Nichols
News 13 Oct 2021
How hackers exploited RCE vulnerabilities in Atlassian, Azure

Barracuda researchers examined exploitation activity and attack patterns for two remote code execution vulnerabilities affecting Atlassian's Confluence and Microsoft's Azure. Continue Reading
By
- Shaun Nichols
News 12 Oct 2021
Apple patches iOS vulnerability actively exploited in the wild

Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Oct 2021
Iranian password spraying campaign hits Office 365 accounts

The Iran-backed DEV-0343 threat group has launched a password spraying offensive against Office 365 accounts in the defense, maritime and oil industries. Continue Reading
By
- Shaun Nichols
Definition 07 Oct 2021
decompression bomb (zip bomb, zip of death attack)

A decompression bomb -- also known as a zip bomb or zip of death attack -- is a malicious archive file containing a large amount of compressed data. Continue Reading
By
- Linda Rosencrance
News 06 Oct 2021
Apache HTTP Server vulnerability under active attack

Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack. Continue Reading
By
- Shaun Nichols
News 06 Oct 2021
Iranian hackers abusing Dropbox in cyberespionage campaign

A group of hackers believed to be based in Iran is targeting organizations in the U.S. and elsewhere with a campaign that uses cloud storage service Dropbox. Continue Reading
By
- Shaun Nichols
News 04 Oct 2021
2 suspected ransomware operators arrested in Ukraine

A coordinated international law enforcement operation led to the arrest of two alleged ransomware operators, though the ransomware gang has not been identified. Continue Reading
By
- Arielle Waldman, News Writer
Definition 01 Oct 2021
rootkit

A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and control over a computer or other system. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Linda Rosencrance
News 28 Sep 2021
SolarWinds hackers Nobelium spotted using a new backdoor

Microsoft researchers believe Nobelium, the Russian-backed group that breached SolarWinds, has been using a backdoor tool called FoggyWeb since at least April. Continue Reading
By
- Shaun Nichols
Definition 27 Sep 2021
brute-force attack

A brute-force attack is a trial-and-error method used by application programs to decode login information and encryption keys to use them to gain unauthorized access to systems. Continue Reading
By
- Katie Terrell Hanna
News 24 Sep 2021
Spurned researcher posts trio of iOS zero days

An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform. Continue Reading
By
- Shaun Nichols
News 22 Sep 2021
Turla deploying 'secondary' backdoor in state-sponsored attacks

Cisco Talos said hackers connected to the Russian APT Turla are using a new piece of malware to get persistent access on infected networks in the U.S., Germany and Afghanistan. Continue Reading
By
- Shaun Nichols
News 22 Sep 2021
Marcus & Millichap hit with possible BlackMatter ransomware

The real estate firm confirmed in a SEC filing this week that it had suffered a recent cyber attack but claimed there was no 'material disruption' to its business. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Sep 2021
Treasury Department sanctions cryptocurrency exchange Suex

In the ongoing battle against ransomware attacks, the Treasury Department sanctioned Suex, a cryptocurrency exchange accused of laundering ransom payments. Continue Reading
By
- Arielle Waldman, News Writer
Definition 21 Sep 2021
email virus

An email virus consists of malicious code distributed in email messages to infect one or more devices. Continue Reading
By
- Rahul Awati
- Linda Rosencrance
News 20 Sep 2021
Italian Mafia implicated in massive cybercrime network

A recent spate of phishing attacks and SMS fraud scams in Spain is being blamed on cybercriminals who were operating from the Canary Islands with backing from the Italian mob. Continue Reading
By
- Shaun Nichols
News 16 Sep 2021
Bitdefender releases REvil universal ransomware decryptor

The REvil decryptor key helps victims recover their encrypted files, as long as the attacks were made before July 13, which is when REvil went off the grid for two months. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Sep 2021
ExpressVPN stands behind CIO named in UAE hacking scandal

ExpressVPN said it will not cut ties with CIO Daniel Gericke, who was implicated by the DOJ in state-sponsored hacking on behalf of the United Arab Emirates government. Continue Reading
By
- Shaun Nichols
Definition 16 Sep 2021
browser hijacker (browser hijacking)

A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
News 15 Sep 2021
McAfee discovers Chinese APT campaign 'Operation Harvest'

McAfee Enterprise found the threat actors had not only breached a company's network, but had spent 'multiple years' siphoning data from the victim before getting caught. Continue Reading
By
- Shaun Nichols
News 14 Sep 2021
Apple patches zero-day, zero-click NSO Group exploit

The Citizen Lab said that it found the Apple zero-day vulnerability when it was 'analyzing the phone of a Saudi activist infected with NSO Group's Pegasus spyware.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Sep 2021
Hackers port Cobalt Strike attack tool to Linux

An unknown group of cybercriminals has created a version of the Windows-only Cobalt Strike Beacon tool that works against Linux machines, which has been used in recent attacks. Continue Reading
By
- Shaun Nichols
Feature 10 Sep 2021
17 ransomware removal tools to protect enterprise networks

Check out this list of ransomware removal platforms to detect possible security threats, block attacks, and erase any malware lingering on devices and enterprise networks. Continue Reading
By
- Paul Kirvan
Definition 09 Sep 2021
macro virus

A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word. Continue Reading
By
- Rahul Awati
- Linda Rosencrance
News 02 Sep 2021
Autodesk targeted in SolarWinds hack

Autodesk said in its 10-Q filing released Wednesday that it believes 'no customer operations or Autodesk products were disrupted' in the SolarWinds supply chain attack. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 30 Aug 2021
Malware analysis for beginners: Getting started

With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 30 Aug 2021
Top static malware analysis techniques for beginners

Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Definition 30 Aug 2021
logic bomb

A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met. Continue Reading
By
- Rahul Awati
- Laura Fitzgibbons
News 26 Aug 2021
Private sectors pledge big for cyberdefense

Tech giants have invested billions to address cybersecurity threats such as supply chain security and attacks on critical infrastructures. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Aug 2021
4 emerging ransomware groups take center stage

Four ransomware operations -- AvosLocker, Hive, HelloKitty and LockBit 2.0 -- have popped up on the radar of researchers with Palo Alto Network's Unit 42 team. Continue Reading
By
- Shaun Nichols
Definition 23 Aug 2021
spear phishing

Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Crystal Bedell
Definition 23 Aug 2021
ILOVEYOU virus

The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book. Continue Reading
By
- Rahul Awati
News 11 Aug 2021
Hackers selling access to breached networks for $10,000

Network access is a closely-guarded commodity in underground hacker forums, with some sellers not even revealing the names of their victims until money has changed hands. Continue Reading
By
- Shaun Nichols
Definition 05 Aug 2021
cyberstalking

Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading
By
- Rahul Awati
News 04 Aug 2021
Matt Tait warns of 'stolen' zero-day vulnerabilities

During Black Hat 2021, the COO of Corellium discussed three main threats that have ramped up: stolen zero days, zero days being exploited in the wild and supply chain attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Aug 2021
Supply chain attacks, IoT threats on tap for Black Hat 2021

Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference. Continue Reading
By
- Shaun Nichols
News 02 Aug 2021
Hospitals at risk from security flaws in pneumatic tube systems

Researchers at IoT security vendor Armis said the nine critical vulnerabilities affect the pneumatic tube systems used by many hospitals in North America. Continue Reading
By
- Shaun Nichols
News 29 Jul 2021
Kaspersky tracks Windows zero days to 'Moses' exploit author

In its second-quarter threat report, Kaspersky Lab found a rise in the use of exploits and zero-day vulnerabilities, several of which were traced to a single threat actor. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Jul 2021
New 'BlackMatter' ransomware gang has echoes of REvil

Although connections are being made between ransomware groups REvil and BlackMatter, the jury is still out on whether they have threat actors in common. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Jul 2021
Coveware: Median ransomware payment down 40% in Q2 2021

Coveware CEO Bill Siegel said that the efficacy of using data leak threats to obtain ransomware payments has gone down because 'you don't get anything in return when you pay.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 19 Jul 2021
Balancing the benefits with the risks of emerging technology

Emerging technologies enable companies to maintain a competitive edge through their various benefits but can come with high risks. A balancing act is required. Continue Reading
By
- Jacob Young
News 19 Jul 2021
US charges members of APT40, Chinese state-sponsored group

The Department of Justice accused four Chinese nationals of hacking into a variety of businesses between 2011 and 2018 to steal trade secrets and other valuable data. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Jul 2021
US government formally names China in Exchange Server hack

Beyond the Exchange Server hack, the White House's statement condemned China for its malicious cyber behavior and accused the country of government-affiliated ransomware attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Jul 2021
SonicWall warns of 'imminent' SMA 100/SRA ransomware attacks

SonicWall said that those who fail to update or disconnect their vulnerable SMA 100 and SRA devices are 'at imminent risk of a targeted ransomware attack.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 14 Jul 2021
Risk & Repeat: Breaking down the Kaseya ransomware attacks

Nearly two weeks after REvil ransomware hit hundreds of companies, Kaseya and its managed service providers are still assessing the damage from the supply chain attack. Continue Reading
By
- Rob Wright, Senior News Director
News 14 Jul 2021
Microsoft: Chinese threat actor exploited SolarWinds zero-day

Microsoft has observed DEV-0322, the threat actor exploiting the SolarWinds Serv-U zero-day, 'targeting entities in the U.S. Defense Industrial Base Sector and software companies.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 13 Jul 2021
spyware

Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kate Brush
- Taina Teravainen
News 07 Jul 2021
Microsoft posts emergency 'PrintNightmare' patch

The out-of-band patch release addresses a critical flaw that allowed threat actors to gain remote code execution on vulnerable Windows and Windows Server systems. Continue Reading
By
- Shaun Nichols
News 06 Jul 2021
Kaseya ransomware attacks: What we know so far

REvil ransomware threat actors exploited a zero-day vulnerability to issue ransomware payloads disguised as legitimate software updates from Kaseya. Continue Reading
By
- Shaun Nichols
News 06 Jul 2021
Kaseya: 1,500 organizations affected by REvil attacks

Approximately 50 managed service providers and up to 1,500 of their customers were compromised via a devastating supply chain attack on Kaseya by REvil ransomware actors. Continue Reading
By
- Rob Wright, Senior News Director
News 02 Jul 2021
Russia using Kubernetes cluster for brute-force attacks

The NSA warned that Russian state-sponsored hackers launched a new container-based campaign aimed at breaching networks and stealing essential data from multiple industries. Continue Reading
By
- Shaun Nichols
Definition 02 Jul 2021
domain generation algorithm (DGA)

A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGA provides malware with new domains in order to evade security countermeasures. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Sharon Shea, Executive Editor
News 30 Jun 2021
European police lay siege to hacker haven DoubleVPN

An international law enforcement operation shut down DoubleVPN, a Dutch-hosted service that had provided low-cost, underground anonymizing services to cybercriminals. Continue Reading
By
- Shaun Nichols
News 29 Jun 2021
End users in the dark about latest cyberthreats, attacks

A study from IoT security vendor Armis shows many outside the IT community are unaware of growing threats, leaving a major gap in knowledge of basic security practices. Continue Reading
By
- Shaun Nichols
News 28 Jun 2021
SolarWinds hackers compromised Microsoft support agent

After placing information-stealing malware on a customer support agent's system, the Nobelium threat actors gained access to three Microsoft clients. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Jun 2021
DarkSide ransomware funded by cybercriminal 'investors'

New ransomware gangs, such as DarkSide, are receiving cryptocurrency investments from their peers and are poised to make life difficult for enterprises and law enforcement alike. Continue Reading
By
- Shaun Nichols
News 24 Jun 2021
Namecheap refines strategy to fight malicious domains

Security researchers this month noted drastic improvements in the domain registrar's effort to respond to and mitigate reports of malicious and fraudulent sites. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 23 Jun 2021
Risk & Repeat: US opens door for hacking back

This episode of the Risk & Repeat podcast discusses the growing pressure on the U.S. to respond to cyber attacks and if hacking back will be part of the plan. Continue Reading
By
- Rob Wright, Senior News Director
News 22 Jun 2021
COVID, gift cards and phony acquisitions top BEC attack trends

New research from Cisco Talos shows cybercriminals are still using the COVID-19 pandemic for BEC attacks to steal millions, but in slightly different ways. Continue Reading
By
- Shaun Nichols
News 16 Jun 2021
Repeat ransomware attacks hit 80% of victims who paid ransoms

New research from Cybereason offers troubling findings for organizations that pay ransoms, from repeat attacks to corrupted data and faulty decryption tools. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Jun 2021
Slilpp marketplace goes dark following government takedown

Slilpp, a massive dark web emporium for buying and selling stolen credentials, has been pulled offline by an international law enforcement takedown. Continue Reading
By
- Shaun Nichols