IN THE UNITED STATES REPORTING IS MANDATORY
RECENT THREAT POSTS
The infamous Carbanak operator is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure "pen-testing" company.
A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.
The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs--across its network of 150 million users, putting corporate workplaces at risk.
Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds.
Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo.
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production.
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.