A sophisticated campaign utilizes a novel anti-detection method. Researchers have discovered a malicious campaign utilizing a never-before-seen technique for quietly planting fileless malware on ...

Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. The notorious Lazarus advanced persistent threat (APT) group has ...

The threat actors stole data and used Clop’s leaks site to demand money in an extortion scheme, though no ransomware was deployed. Researchers have identified a set of threat actors (dubbed ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data ...

Researchers at Cisco found a modified version of the leaked NSA exploit EternalRomance in this week’s Bad Rabbit attack. One day after clear ties were established between the Bad Rabbit ...

Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins. Unpatched vulnerabilities in the Spring Framework and WordPress plugins ...

Meanwhile, remediation times are ballooning to a year or more in the case of malicious attacks, according to Ponemon Institute. One quarter of all data breaches last ...

Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. A ransomware group tied to Russia ...

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report. Attackers are using ads for fake Microsoft Teams updates ...

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. Researchers have released technical details on a high-severity privilege-escalation ...

A new phishing scam purports to be MYOB invoices – but really contains a novel banking trojan. The recently-discovered DanaBot banking trojan is making the rounds in a phishing campaign that ...

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection ...