Threat Post

The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs.

The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.

An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.

The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account.

Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more.

New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data.

More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues.

The ransomware group has leaked stolen data to add pressure on the company to pay up.

A strain of the 13-year old backdoor Bandook trojan has been spotted in an espionage campaign.

The new backdoor comes with multiple payloads and new detection evasion tactics.

Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year.

Hackers are putting a bullseye on healthcare. Experts explore why hospitals are being singled out and what any company can do to better protect themselves.

Threat actors already stole nearly 4,000 credentials before the holiday was even over, according to report.

While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense.

Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events.

Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world.

Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.

Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.

Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.

Reducing the risks of remote work starts with updating the access policies of yesterday.