Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
19 Sep 2024
Microsoft warns of Russian election threats, disinformation
As the 2024 U.S. presidential election nears, Microsoft detailed new influence campaigns such as fake videos aimed at discrediting Vice President Kamala Harris. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Sep 2024
FBI disrupts another Chinese state-sponsored botnet
The FBI said the massive botnet, which included 260,000 connected devices, was developed and operated by a publicly traded Chinese company named Integrity Technology Group. Continue Reading
By- Rob Wright, Senior News Director
-
News
04 Apr 2022
Cryptocurrency companies targeted in Mailchimp breach
Cryptocurrency wallet maker Trezor revealed phishing attacks against its customers that stemmed from a breach at Mailchimp, which the email marketing firm later confirmed. Continue Reading
By- Arielle Waldman, News Writer
-
News
31 Mar 2022
Spring Framework vulnerabilities sow confusion, concern
Two different remote code execution vulnerabilities in a Java developer tool caused considerable confusion after one of the flaws was leaked online as a zero-day. Continue Reading
-
News
31 Mar 2022
New 'AcidRain' malware may be connected to Viasat attack
SentinelOne did not directly attribute the malware to the Viasat attack. That said, researchers argued the "AcidRain" malware's functionality matches open source intelligence. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
30 Mar 2022
Axie Infinity hack results in $600M cryptocurrency heist
Axie Infinity, whose developer was hacked this month, is a popular NFT-based video game in which players earn cryptocurrency by raising their pay-to-play digital pets, or 'Axies.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Mar 2022
Rapid7 finds zero-day attacks surged in 2021
Cybercriminals are turning bugs into exploits faster than ever, according to Rapid7, which found that the average time to known exploitation dropped 71% last year. Continue Reading
-
Feature
29 Mar 2022
Cryptocurrency cyber attacks on the rise as industry expands
Consumers, businesses and governments are finding new ways to use cryptocurrency, but a recent string of cyber attacks has highlighted security risks and shortcomings. Continue Reading
By- Arielle Waldman, News Writer
-
News
25 Mar 2022
US indicts Russian nationals for critical infrastructure attacks
One defendant is accused of deploying the infamous Trisis or Triton malware against energy-sector companies, including a petrochemical plant in Saudi Arabia in a 2017 attack. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
25 Mar 2022
Review Microsoft Defender for endpoint security pros and cons
Microsoft wants to make Defender the only endpoint security product companies need, but does the good outweigh the bad? Read up on its features and pitfalls. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Podcast
25 Mar 2022
Risk & Repeat: Lapsus$ highlights poor breach disclosures
This Risk & Repeat podcast episode examines two high-profile breaches by emerging threat group Lapsus$ and how Microsoft and Okta responded to these attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
24 Mar 2022
North Korean hackers exploited Chrome zero-day for 6 weeks
Google researchers say a Chrome zero-day bug stemming from a use-after-free error was exploited by North Korean hackers against both media and financial targets earlier this year. Continue Reading
-
News
24 Mar 2022
FBI: Ransomware hit 649 critical infrastructure entities in 2021
The FBI's Internet Crime Complaint Center found ransomware was a top threat to critical infrastructure security in 2021, hitting a wide range of organizations. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Mar 2022
Microsoft confirms breach, attributes attack to Lapsus$
Microsoft disclosed it had been breached by emerging threat group Lapsus$ toward the end of a threat intelligence post dedicated to the extortion gang and its tactics. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Mar 2022
Biden: Russia exploring cyber attacks against US
President Joe Biden's warning of potential Russian attacks against U.S. critical infrastructure is the latest call to action for the private sector to fortify its cyberdefenses. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
18 Mar 2022
Seeking truth in crisis times shows importance of metadata
Metadata gives context to data, and during crises like the war in Ukraine when it's difficult to know what news to trust, context can help distinguish truth from fiction. Continue Reading
By- Eric Avidon, Senior News Writer
-
News
17 Mar 2022
JavaScript apps hit with pro-Ukraine supply chain attack
A popular JavaScript package was sabotaged by its developer and seeded with messages in support of Ukraine in what has become a supply chain attack. Continue Reading
-
News
17 Mar 2022
Sandworm APT ramps up Cyclops Blink botnet with Asus routers
Trend Micro discovered that the Cyclops Blink botnet, which had originally targeted WatchGuard devices, is now spreading to Asus and 'at least one other vendor.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Mar 2022
LokiLocker ransomware crew bursts onto the scene
The mysterious LokiLocker ransomware group caught the attention of BlackBerry researchers, who say the outfit could become the next cybercrime group to menace enterprises. Continue Reading
-
News
15 Mar 2022
Container vulnerability opens door for supply chain attacks
A CRI-O container engine vulnerability could allow attackers to bypass security controls and take over a host system, according to CrowdStrike researchers. Continue Reading
-
News
10 Mar 2022
Log4Shell vulnerability continues to menace developers
Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers. Continue Reading
-
Answer
10 Mar 2022
Use microsegmentation to mitigate lateral attacks
Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Feature
10 Mar 2022
6 potential enterprise security risks with NFC technology
Some NFC risks include payment processing fraud, eavesdropping and replay attacks. Continue Reading
-
Definition
10 Mar 2022
metamorphic and polymorphic malware
Metamorphic and polymorphic malware are two types of malicious software (malware) that can change their code as they propagate through a system. Continue Reading
By -
News
09 Mar 2022
Researchers disclose new Spectre V2 vulnerabilities
The Spectre class of data disclosure vulnerabilities is once again at the security forefront after researchers discovered a new variant of the side-channel attack. Continue Reading
-
News
09 Mar 2022
Immersive Labs: Average cyberthreat response takes 96 days
Immersive Labs' Cyber Workforce Benchmark found that some critical threats, including a zero-day vulnerability, took an average of six months to fully address. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
08 Mar 2022
FBI finds Ragnar Locker hit 52 U.S. critical infrastructure targets
While providing an updated list of indicators of compromise, the FBI revealed that a range of critical sectors were attacked by the ransomware group. Continue Reading
By- Arielle Waldman, News Writer
-
News
08 Mar 2022
Researchers uncover vulnerabilities in APC Smart-UPS devices
Researchers with Armis found a trio of vulnerabilities in uninterruptible power supply (UPS) devices from APC that could be remotely exploited by threat actors. Continue Reading
-
Tip
07 Mar 2022
Top DevSecOps certifications and trainings
Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
By- Isabella Harford, TechTarget
-
News
07 Mar 2022
Samsung breached, Nvidia hackers claim responsibility
Samsung said Galaxy device source code was stolen, but no employee or customer personal information was taken by the attackers, who appear to be with the Lapsus$ ransomware group. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
04 Mar 2022
Hackers using stolen Nvidia certificates to sign malware
The recent breach of Nvidia's corporate network has resulted in the posting of valid software certificates that are now being used to spread malware in the wild. Continue Reading
-
Podcast
04 Mar 2022
Risk & Repeat: Conti ransomware gang gets breached
This Risk & Repeat podcast episode covers the massive Conti leaks, including the data that was published and what it reveals about the infamous ransomware gang. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
04 Mar 2022
February ransomware attacks hit major enterprises
Enterprises, colleges and municipalities in the U.S. continued to be hit by ransomware as publicly reported attacks for February piled up. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
News
03 Mar 2022
Job applications a top HR business cybersecurity risk
Russia's attack on Ukraine has raised the risk of a business cybersecurity attack, and HR may be particularly vulnerable. But there are steps HR can take to protect its company. Continue Reading
By- Patrick Thibodeau, Editor at Large
-
Feature
03 Mar 2022
How to stop malicious or accidental privileged insider attacks
How many permissions or privileges a user has will affect how big of an insider threat they are. Discover the issues surrounding privileged users and how to curtail these threats. Continue Reading
By- Kyle Johnson, Technology Editor
-
Definition
03 Mar 2022
Open Web Application Security Project (OWASP)
The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
02 Mar 2022
CrowdStrike cracks PartyTicket ransomware targeting Ukraine
CrowdStrike's analysis of the new ransomware, also known as HermeticRansom, that affected Ukrainian organizations revealed that files encrypted with PartyTicket are recoverable. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Mar 2022
Conti ransomware source code, documentation leaked
The Conti ransomware gang's primary Bitcoin address, found in the leak, showed the crime outfit has taken in over $2 billion in cryptocurrency since 2017. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Mar 2022
Nvidia confirms breach, proprietary data leaked online
Nvidia has confirmed some of the claims from a little-known ransomware gang that allegedly broke into the network of the GPU giant and stole corporate data. Continue Reading
-
News
01 Mar 2022
HermeticWiper poses increasing cyber risk to Ukraine
While it has not been attributed to a specific threat group, ESET researchers observed another data-wiping malware that targeted a Ukrainian organization and warned it could extend to allies. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Feb 2022
Recorded Future: Russia may retaliate with cyber attacks
Recorded Future warned U.S. and European organizations could be hit by 'spillover attacks' or intentional retaliatory strikes from Russia following its invasion of Ukraine. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Feb 2022
Conti ransomware gang backs Russia, threatens U.S.
The Conti ransomware gang announced last week that they were in 'full support' of Russia and would retaliate if the West attacked Russian critical infrastructure. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
28 Feb 2022
Implement API rate limiting to reduce attack surfaces
Rate limiting can help developers prevent APIs from being overwhelmed with requests, thus preventing denial-of-service attacks. Learn how to implement rate limiting here. Continue Reading
By- Kyle Johnson, Technology Editor
- Manning Publications Co.
-
Feature
28 Feb 2022
API security methods developers should use
Developers can reduce the attack surface by implementing security early in the API development process and knowing methods to secure older APIs that can't be deprecated. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
25 Feb 2022
Researchers find access brokers focused on US targets
Security vendors studied 'access broker' advertisements on the dark web, which provide ransomware groups with the network and system access required for data thefts. Continue Reading
-
News
24 Feb 2022
New data wiper malware hits Ukraine targets
HermeticWiper is similar to another data-wiping malware known as WhisperGate, which was used in cyber attacks against Ukraine last month. Both used ransomware as an apparent decoy. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
24 Feb 2022
Pave a path to cybersecurity and physical security convergence
Physical security doesn't get the attention cybersecurity does, but that gap poses significant risks. Find out what you can do to better protect your organization's assets. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
24 Feb 2022
New tech, same threats for Web 3.0
Emerging technologies are prone to old-school social engineering attacks and credential-swiping techniques, according to Cisco Talos researchers who analyzed the new platforms. Continue Reading
-
News
23 Feb 2022
US, UK attribute Cyclops Blink to Sandworm
The group known for its use of VPNFilter malware has retooled with what is being tracked as Cyclops Blink, but its impact appears limited to WatchGuard business customers for now. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Feb 2022
Dragos: Ransomware topped ICS and OT threats in 2021
Whether ICS and OT networks were intentionally targeted or not, ransomware was found to be the No. 1 compromise to industrial organizations last year. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Feb 2022
IBM: REvil dominated ransomware activity in 2021
IBM X-Force's Threat Intelligence Index report also found a 'triple extortion' ransomware tactic in 2021, where threat actors use DDoS attacks to put extra pressure on victims. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
22 Feb 2022
Top 6 critical infrastructure cyber-risks
Cyber attacks on critical infrastructure assets can cause enormous and life-threatening consequences. Discover the top cyber-risks to critical infrastructure here. Continue Reading
By -
News
17 Feb 2022
FBI: BEC attacks spreading to virtual meetings
Since the start of the COVID-19 pandemic, many workplaces have shifted to virtual meeting platforms, and the FBI warned that threat actors have taken note. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Opinion
17 Feb 2022
Shifting security left requires a GitOps approach
Shifting security left improves efficiency and minimizes risk in software development. Before successfully implementing this approach, however, key challenges must be addressed. Continue Reading
By- Melinda Marks, Practice Director
-
News
17 Feb 2022
SonicWall: Ransomware attacks increased 105% in 2021
While 2021 represented a turning point for law enforcement and government action against ransomware, SonicWall still observed massive growth in attacks. Continue Reading
-
News
16 Feb 2022
Apache Cassandra vulnerability puts servers at risk
Certain non-default configurations of the Apache Cassandra database software could leave the door open for remote code execution attacks, according to JFrog researchers. Continue Reading
-
News
16 Feb 2022
Trickbot has infected 140,000-plus machines since late 2020
In October 2020, Microsoft reported that more than 90% of Trickbot's infrastructure had been disabled. The threat actor bounced back and began thriving soon after. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
15 Feb 2022
Sophos discovers new attack targeting Exchange Servers
A new type of attack that utilizes the Squirrelwaffle malware and business email compromise may be an issue for organizations that have not patched their Exchange servers. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
15 Feb 2022
proxy hacking
Proxy hacking is a cyber attack technique designed to supplant an authentic webpage in a search engine's index and search results pages to drive traffic to an imitation site. Continue Reading
By -
News
15 Feb 2022
CrowdStrike: Attackers are moving faster, harder to detect
The CrowdStrike '2022 Global Threat Report' said attackers are getting better at exploiting vulnerabilities and moving through compromised networks before defenders can spot them. Continue Reading
-
News
15 Feb 2022
Ransomware tied to attacks on critical infrastructure last year
While recent law enforcement action may be altering the ransomware landscape, BlackBerry researchers observed high-profile attacks on critical infrastructure last year. Continue Reading
By- Arielle Waldman, News Writer
-
News
14 Feb 2022
Fallout from REvil arrests shakes up ransomware landscape
Russian authorities recently announced more than a dozen arrests of alleged REvil members, heightening concern among ransomware affiliates on the dark web. Continue Reading
By- Arielle Waldman, News Writer
-
News
11 Feb 2022
FBI seized Colonial Pipeline ransom from DarkSide affiliate
New research from Chainalysis claims the DarkSide ransomware affiliate involved in last year's Colonial Pipeline attack also had ties to the NetWalker ransomware operation. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
09 Feb 2022
Ransomware groups shift from big game hunting
A joint cybersecurity advisory documented top ransomware trends for 2021 and addressed ways for organizations to improve security. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
09 Feb 2022
How to successfully scale software bills of materials usage
Companies must plan properly when implementing software bills of materials at scale. Accomplish these three goals to keep SBOMs updated, accurate and actionable, despite complexity. Continue Reading
By- Ed Moyle, Drake Software
-
News
08 Feb 2022
Russia continues cybercrime offensive with SkyFraud takedown
Officials in Russia have knocked the SkyFraud credit card fraud operation offline in the latest of a string of police actions against cybercriminals in the region. Continue Reading
-
News
08 Feb 2022
Microsoft disables VBA macros by default
Microsoft's change in the default settings of five Office applications aims to shut down a widely used and longstanding threat vector to enterprises. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
08 Feb 2022
Pros and cons of manual vs. automated penetration testing
Automated penetration testing capabilities continue to improve, but how do they compare to manual pen testing? Get help finding which is a better fit for your organization. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
07 Feb 2022
Metaverse rollout brings new security risks, challenges
When companies and users decide to adapt the technologies of the coming metaverse, they will also expose themselves to a new class of security risks and vulnerabilities. Continue Reading
-
News
07 Feb 2022
Wormhole offers $10M to Ethereum thieves
Wormhole also offered $10 million to anyone who provided 'information leading to the arrest and conviction of those responsible' for last week's heist. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
03 Feb 2022
Cryptocurrency platform Wormhole loses $320M after attack
After a threat actor made off with 120,000 wrapped Ethereum, Wormhole said the stolen cryptocurrency had been 'restored,' but what that means remains in question. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
03 Feb 2022
DHS forms first-ever Cyber Safety Review Board
The new initiative is one in a string of many by the Biden administration to push public and private collaboration in addressing cyber threats such as Log4j vulnerabilities. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
03 Feb 2022
The importance of a policy-driven threat modeling approach
An expanding threat landscape, combined with increasing cloud use and a cybersecurity skill shortage, is driving the need for a policy-driven threat modeling approach. Continue Reading
By- Altaz Valani
-
Feature
02 Feb 2022
A day in the life of a cybersecurity manager
The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
By- Isabella Harford, TechTarget
- O'Reilly Media
-
Feature
02 Feb 2022
Top cybersecurity leadership challenges and how to solve them
Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
By- Isabella Harford, TechTarget
-
News
02 Feb 2022
SolarMarker malware spread through advanced SEO poisoning
Sophos discovered SolarMarker malware was being distributed through fake SEO-focused topics in Google Groups, as well as malicious PDF files. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Feb 2022
More than 1,000 malware packages found in NPM repository
Researchers with WhiteSource were able to find some 1,300 examples of malware hiding under the guise of legitimate JavaScript packages on the NPM repository. Continue Reading
-
News
01 Feb 2022
Iranian hacking groups pick up the pace with new attacks
Two security vendors are reporting a fresh wave of targeted attacks and malware outbreaks believed to be the work of Iranian state-sponsored threat groups. Continue Reading
-
News
01 Feb 2022
Ransomware attacks continue to plague public services
Ransomware this year has picked up right where 2021 left off, with several local governments, schools and health services across the U.S. suffering attacks. Continue Reading
By- Peyton Doyle, News Editorial Assistant
-
Feature
31 Jan 2022
How to prepare for malicious insider threats
Stopping malicious insider threats is just as important as preventing external ones. Uncover what to look for and strategies to prevent insider threats before they cause damage. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Feature
31 Jan 2022
Include defensive security in your cybersecurity strategy
Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
31 Jan 2022
Emsisoft releases DeadBolt ransomware decryption tool
Emsisoft's DeadBolt ransomware decryption tool fixes broken decryptor keys issued by threat actors, and works only if the victim has paid the ransom and received a key. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
28 Jan 2022
Protect APIs against attacks with this security testing guide
API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them. Continue Reading
By -
Podcast
28 Jan 2022
Risk & Repeat: The complicated world of Monero
This Risk & Repeat podcast episode looks at the state of Monero, a privacy-focused cryptocurrency, as well as recent cyber attacks against crypto exchanges. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
27 Jan 2022
SolarWinds hackers still active, using new techniques
CrowdStrike has tracked the latest threat activity and novel techniques from the SolarWinds hackers, a Russian state-sponsored group known as Cozy Bear. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
27 Jan 2022
How AI can help security teams detect threats
AI and machine learning are reshaping modern threat detection. Learn how they help security teams efficiently and accurately detect malicious actors. Continue Reading
By- Rohit Dhamankar
-
News
27 Jan 2022
Apple security update fixes zero-day vulnerability
Apple released a series of security updates for bugs that included a critical zero-day vulnerability in iOS and macOS that is being actively exploited in the wild. Continue Reading
-
News
26 Jan 2022
DeadBolt ransomware targeting QNAP NAS storage devices
In addition to DeadBolt, QNAP NAS users have had to deal with multiple types of ransomware in recent months, including Qlocker and eCh0raix. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
26 Jan 2022
New vulnerability rating framework aims to fill in CVSS gaps
The CVSS vulnerability scale doesn't always give a clear picture of the risk of a vulnerability, but experts hope the emerging standard called EPSS will provide more clarity. Continue Reading
-
Tip
25 Jan 2022
Protect your data center from ransomware attacks
Consider how best to protect your data center from ransomware attackers: Keep safe, air-gapped backups; consolidate your infrastructure and prioritize critical assets. Continue Reading
-
News
25 Jan 2022
Sophos: Log4Shell impact limited, threat remains
Sophos threat researcher Chet Wisniewski detailed the unexpectedly limited impact Log4Shell had on organizations but warned of future exploitation and risks. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
24 Jan 2022
Enterprises reluctant to report cyber attacks to authorities
Despite some successful law enforcement operations, including the seizure of a ransom payment, infosec experts say many enterprises are still unlikely to report cyber attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
21 Jan 2022
5 infosec predictions for 2022
If the predictions are correct, 2022 will be another groundbreaking year for information security. Have a look at the security forecast for the next 12 months. Continue Reading
By- Kevin Hanes
-
Tip
20 Jan 2022
Introduction to automated penetration testing
Automated penetration testing, which speeds up the process for companies and vendors, is maturing. Is it ready to close the time gap between vulnerability discovery and mitigation? Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
20 Jan 2022
Cisco: Patching bugs is about more than CVSS numbers
Cisco's Kenna Security advised enterprises to consider more than just CVSS scores and update advisories when deciding when and how to address security vulnerabilities. Continue Reading
-
News
18 Jan 2022
Cryptocurrency exchange Crypto.com hit by cyber attack
The cryptocurrency exchange said it detected unauthorized activity on some user accounts over the weekend, but questions remain on the severity of the attacks. Continue Reading
By- Arielle Waldman, News Writer
-
News
18 Jan 2022
Ukraine hit with destructive malware attacks amidst turmoil
A new type of destructive malware was discovered by Microsoft after public and private organizations in Ukraine endured a series of cyber attacks as tensions with Russia grow. Continue Reading
-
Tip
18 Jan 2022
4 software supply chain security best practices
The increasing complexity of software supply chains makes it difficult for companies to understand all its components. Learn how to find vulnerabilities before attackers. Continue Reading
By- Ed Moyle, Drake Software
-
News
18 Jan 2022
Police seize VPN host allegedly facilitating ransomware
VPNLab is accused of facilitating cybercrime including ransomware and malware distribution, and its services were allegedly advertised on the dark web. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
18 Jan 2022
Ransomware actors increasingly demand payment in Monero
Though Bitcoin is still the cryptocurrency standard in ransomware payment demands, Monero has gained prominence due to its more private, less traceable technology. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
13 Jan 2022
Ukrainian police bust unnamed ransomware gang
A law enforcement raid in Ukraine resulted in the arrest of five suspects accused of deploying ransomware through phishing emails and making more than $1 million. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
13 Jan 2022
Is ransomware as a service going out of style?
Increased government pressure has backed many ransomware gangs into a corner, in turn forcing attackers to replace the ransomware-as-a-service model with a smash-and-grab approach. Continue Reading
By- Mike Behrmann