The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines.
The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil’s gonads shrank in response.
A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor.
The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers.
Ransomware attackers are now demanding cash from the customers of victims too.
Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting.
According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key.
An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships.
Tony Lauro, director of security technology and strategy at Akamai, discusses hardware security dongles and using phones to act as surrogates for them.
The campaign is harvesting screenshots, keystrokes, credentials, webcam feeds, browser and clipboard data and more, with RevengeRAT or AsyncRAT payloads.
The ‘Send My’ exploit can use Apple's locator service to collect and send information from nearby devices for later upload to iCloud servers.
According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security.
FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware.
Paper ballots and source-code transparency are recommended to improve election security.
A new type of fraud is spiking across the platform: Selling fake vax records to people who want to lie their way into places where proof of vaccine is required.
Argyle is paying workers to help hack payroll providers, researchers suspect.
Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're in range.
Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand.
Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities.
GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords.