On Monday and Tuesday, Apple released iOS 14.8.1, iPadOS 14.8.1, watchOS 8.1, and tvOS 15.1, patching 24 security vulnerabilities, including… Read More
The AvosLocker ransomware gang is claiming that it breached Gigabyte and has leaked a sample of what it claims are… Read More
The TA505 cybercrime group is upping its financially motivated attacks, shooting malware at a range of industries in a wave… Read More
Cryptocurrency scammers are exploiting Apple’s Enterprise Developer Program to get bogus trading apps onto their marks’ iPhones. Sophos Labs observed… Read More
Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to allow attackers to completely take… Read More
The Flubot banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting… Read More
Google pushed out an emergency Chrome update to fix two zero-days, the second pair this month, that are being exploited… Read More
The new APT group is specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities… Read More
A U.S. hospital paralyzed by a ransomware attack in 2019 will be defending itself in court in November over the… Read More
The spoofed email has targeted close to 75,000 email inboxes, slipping past spam and security controls across Office 365, Google… Read More
REvil leadership did indeed create a backdoor that enabled them to cut off ransom negotiations between victims and the gang’s… Read More
Guardicore security researcher Amit Serper has discovered a severe design bug in MIcrosoft Exchange’s autodiscover – a protocol that lets… Read More
Malware specialists have found evidence of how REvil ransomware’s leadership may have hijacked chats with victims of their own affiliates… Read More
Hackers are upping their game, using an approach some experts call “Deep Sea Phishing,” which is the use of a… Read More
Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead… Read More
Threat actors impersonated the USDOT in a phishing campaign that used a combination of tactics – including creating new domains… Read More