Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Ransomware attacks targeting hospitals have exacted a human cost as well as financial. Despite hospitals being on the front lines during the pandemic, bad actors have continued to target them with ...

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency. Hackers behind a cryptomining campaign have managed to ...

Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. The notorious Lazarus advanced persistent threat (APT) group has been ...

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. The bloom is back on phishing attacks with criminals doubling down on fake messages ...

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Researchers have released technical details on a high-severity privilege-escalation flaw ...

Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out. A proof-of-concept attack has been pioneered that “fully and practically” breaks ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. A China-based threat actor has ramped up efforts ...

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. Threat actors have leaked 1 ...

Researchers uncovers “ultimate man-in-the-middle attack” that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business. Hackers pulled off an elaborate man-in-the ...

Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’ Ransomware and social engineering continue to dominate challenges facing cybersecurity professionals, ...