After falling for a BEC scam, Cabarrus County in North Carolina lost $1,728,082.60 after sending $2.5 million to scammers pretending to be contractors [...]
With the release of the Windows 10 Insider build 18945, the Windows Subsystem for Linux version 2 now supports the ability for Windows 10 applications to [...]
A joint statement published by the Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center [...]
OXID e-commerce platform today released an update for its software fixing a remote takeover vulnerability that can be exploited without authentication.
Cybercriminals are now using a combolists-as-a-service model to sell credential collections to other crooks, which will later use them as part of large [...]
A new ransomware family targeting Android devices spreads to other victims by sending text messages containing malicious links to the entire contact [...]
Security researchers analyzing the security flaws present in IoT devices used in smart buildings were able to replace the real video feeds with arbitrary [...]
Attackers are deleting files on publicly accessible Lenovo Iomega NAS devices and leaving ransom notes behind. These ransom notes state that the attackers [...]
Capital One has announced a data breach that has exposed the personal information of 106 million people that includes transaction data, credit scores, [...]
An iMessage vulnerability patched by Apple as part of the 12.4 iOS update allows potential attackers to read contents of files stored on iOS devices [...]
New York Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (SHIELD) Act into law, with the new consumer privacy [...]
Now that ransomware developers know that they can earn monstrous payouts from local cities and insurance policies, we see a new government agency, [...]
A botnet of over 400,000 IoT devices held a 13-day distributed denial-of-service (DDoS) siege against the streaming app of a company in the entertainment [...]
Through the analysis of over 3.9 million posts on underground hacker and malware forums, a new report illustrates the most common malware and threats being [...]
The Internal Revenue Service (IRS) issued a joint news release with the US tax industry and state tax agencies to remind professional tax preparers [...]
Under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks after successful exploitation of [...]
Business email compromise (BEC) scammers are now targeting a company's customers using a new indirect attack method designed to collect information on [...]
Microsoft is currently in the process of developing significantly better manual threat hunting features for the Office 365 Threat Explorer, to be rolled [...]
A decryptor for the LooCipher Ransomware has been released by Emsisoft that allows victims to decrypt their files for free. If you were infected with [...]
Hackers are exploiting vulnerable Jira and Exim servers with the end goal of infecting them with a new Watchbog Linux Trojan variant and using the [...]
What a week. Every day we see a new city, police station, college, government agency, or company being affected by a ransomware attack. To make matters [...]
Compromising an employee's email account can be profitable for BEC scammers and for distributing malware, but being able to gain access to an email [...]
The U.S. Internal Revenue Service (IRS) failed to implement a good deal of security controls recommended over the years, leaving financial reporting and [...]
Microsoft says that it notified roughly 10,000 of its customers in the past year of being either targeted or compromised by nation-state sponsored threat groups.
A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if you send them $2,000 [...]
Mozilla and the Tor Project are in the early stages of exploring the inclusion of Tor's private browsing features within the Firefox web browser in the [...]
A sample of the ransomware called MegaCortex that is known to target the enterprise in targeted attacks has been found and analyzed. In this article, we [...]
Nine years and more than 8,500 security bug reports later, Google decided to increase the value of the rewards for security vulnerabilities submitted [...]
Researchers unearthed a new and highly prolific malware framework used by its creators to generate over one billion fraudulent ad impressions over a [...]
The frequency of business email compromise (BEC) scams has increased year over year and so did the value of attempted thefts, reaching a monthly average of [...]
A long standing Twitter issue allows bad actors to manipulate tweets so that they appear to contain content from one site, but actually link to a [...]
The Drupal CMS team has released a security update to address a critical severity access bypass vulnerability in the CMS' core component that could allow [...]
Image: Daan Mooij Financial data, personally identifiable information (PII), and real-time location of millions of Chinese users was leaked by an open [...]
A new Linux malware masquerading as a Gnome shell extension and designed to spy on unsuspecting Linux desktop users was discovered by Intezer Labs' [...]
A group behind the recent outbreaks of malicious advertisements being displayed through Windows 10 apps and Microsoft games has been identified as being [...]
Some versions of WinRAR file compression tool and Winbox software for managing MikroTik users have been tampered with to install malware serving an [...]
A newly discovered DNS-changer Trojan dubbed Extenbro has been observed while blocking access to websites of security software vendors to prevent its [...]