The info-stealing campaign using ZLoader malware – previously used to deliver Ryuk and Conti ransomware – already has claimed more than 2,000 victims across 111 countries. Threat actors are exploiting ...

The group blends into an environment before loading up trivial, thickly stacked, fraudulent financial transactions too tiny to be noticed but adding up to millions of dollars. Researchers have ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. A newly discovered and complex remote access trojan ...

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in ...

A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices. An unpatched Domain Name System (DNS) bug in a popular ...

2.5 million people were affected, in a breach that could spell more trouble down the line. EdFinancial and the Oklahoma Student Loan Authority (OSLA) are notifying over 2.5 million loanees that their ...

Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise. Most advanced persistent threat groups (APTs) use known vulnerabilities in their ...

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours. The Ryuk threat actors have struck again, moving from sending a phishing email to ...

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings. There was nothing typical this year at BSides LV, Black Hat USA and DEF CON – also known ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. A China-based threat actor has ramped up efforts ...

The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score. Microsoft has addressed a total of 97 security vulnerabilities in its January ...