An advisory from the U.S. National Security Agency is providing Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging authentication information.
An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times.
Vulnerability submissions have increased over the past 12 months on at least one crowdsourced security platform, with critical issue reports recording a 65% jump.
Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data.
MountLocker ransomware received an update recently that cut its size by half but preserves a weakness that could potentially allow learning the random key used to encrypt files.
K-12 educational institutions in the U.S. are being targeted by malicious actors for extortion, data theft, and general disruption of normal activity. The trend will continue through the 2020/2021 academic year.
Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers.
The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serveÂ malware or fraudulent content to users.
Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection.
A vulnerability in GE Healthcare's proprietary management software used for medical imaging devices could put patients' health privacy at risk,.
It's the giving season, and cybercriminals are more actively looking to steal gift cards. One of the most popular brands in their sight is giant retailer Target.
A vulnerability in D-link firmware powering multiple routers with VPN passthrough functionality allows attackers to take full control of the device.
Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads.
TrickBotÂ malware developers have created a new module that probes for UEFI vulnerabilities, demonstrating the actor's effort to take attacks at a level that would give them ultimate control over infected machines.
An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts.