Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in ...

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a ...

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client ...

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. Fluffy is missing.

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being ...

The wormable malware spread from Android to Android by sending messages offering free Netflix Premium for 60 days. Malware disguised as a Netflix app, lurking on the Google Play store, spread through ...

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets. Microsoft ...

Most Windows versions are at risk of remote, unprivileged attackers abusing RDP from the inside to hijack smart cards and get unauthorized file system access. Remote Desktop Protocol (RDP) pipes have ...

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. Threat actors have leaked 1 ...

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to ...

The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack. Media giant Impresa, which owns the largest ...