Threat Post

Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack.

Elite Russian forums for cybercriminals have been hacked in a string of breaches, leaving hackers edgy and worried about law enforcement.  

TALON, a network of smart, connected security cameras developed by the Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.

Espionage attacks exploiting the just-patched remote code-execution security bugs in Microsoft Exchange servers are quickly spreading.

Cybercriminals are using the COVID-19 vaccine to steal Microsoft credentials, infect systems with malware and bilk victims out of hundreds of dollars.

Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.

A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users.

A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals. 

Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.

The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics.

Attackers have weaponized code dependency confusion to target internal apps at tech giants.

Full dumps of email boxes, lateral movement and backdoors characterize sophisticated attacks on civil-society targets by a Chinese APT.

The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October.

The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices.

Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites.

The Ryuk scourge has a new trick in its arsenal: Self-replication via SMB shares and port scanning.

A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks.

Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction.

The Distributed Denial of Secrets group claim they have received more than 70 gigabytes of data exfiltrated from social media platform Gab.

Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.