A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active...
Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started...
Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files,...
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24...
Twitter on Wednesday said that its investigation found “no evidence” that users’ data sold online was obtained by exploiting any security vulnerabilities...
A new analysis of Raspberry Robin’s attack infrastructure has revealed that it’s possible for other threat actors to repurpose the infections for...
Government and military organizations in the Asia-Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the...
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that...
The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through...
A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems....
The latest breach announced by LastPass is a major cause for concern to security stakeholders. As often occurs, we are at a...
Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity...
As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing...
The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of...
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate’s organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware...
The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network....
The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since...
An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning...
Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell...
An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors. This...
The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and “upscaled” campaign, months after Google disrupted...