‘Killnet’ Adversary Pummels Lithuania with DDoS Attacks Over Blockade

Cyber collective Killnet claims it won’t let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad.

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers.

Google Warns Spyware Being Deployed Against Android, iOS Users

The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.

Gamification of Ethical Hacking and Hacking Esports

Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, explores why gamified platforms and hacking esports are the future.

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.

Elusive ToddyCat APT Targets Microsoft Exchange Servers

The threat actor targets institutions and companies in Europe and Asia.

Modern IT Security Teams’ Inevitable Need for Advanced Vulnerability Management

Traditional vulnerability management programs are outdated, with little to no innovation in the last two decades. Today's dynamic IT environment demands an advanced vulnerability management program to deal with the complex attack surface and curb security risks.

Kazakh Govt. Used Spyware Against Protesters

Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders.

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack

A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.

Voicemail Scam Steals Microsoft Credentials

Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details.

China-linked APT Flew Under Radar for Decade

Evidence suggests that a just-discovered APT has been active since 2013.

State-Sponsored Phishing Attack Targeted Israeli Military Officials

Analysts have uncovered an Iran-linked APT sending malicious emails to top Israeli government officials.

Ransomware Risk in Healthcare Endangers Patients

Ryan Witt, Proofpoint's Healthcare Cybersecurity Leader, examines the impact of ransomware on patient care.

Facebook Messenger Scam Duped Millions

One well crafted phishing message sent via Facebook Messenger ensnared 10 million Facebook users and counting.

DragonForce Gang Unleash Hacks Against Govt. of India

In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India.

Travel-related Cybercrime Takes Off as Industry Rebounds

Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.

In Cybersecurity, What You Can’t See Can Hurt You

The dangers to SMBs and businesses of all sizes from cyberattacks are well known. But what’s driving these attacks, and what do cybersecurity stakeholders need to do that they’re not already doing?

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

Attackers gained access to private account details through an email compromise incident that occurred in April.

Linux Malware Deemed ‘Nearly Impossible’ to Detect

Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access.

Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers

Researchers demonstrated a possible way to track individuals via Bluetooth signals.

U.S. Water Utilities Prime Cyberattack Target, Experts

Environmentalists and policymakers warn water treatment plants are ripe for attack.

Potent Emotet Variant Spreads Via Stolen Email Credentials

The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.

Feds Forced Travel Firms to Share Surveillance Data on Hacker

Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution.