As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site. Cyberattackers brought down around 70 ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. Eighty-two percent of attacks on organizations in Q1 2022 were ...

GootLoader hijacks WordPress sites to lure professionals to download malicious sample contract templates. Once prolific spreaders of REvil ransomware, the GootLoader malware gang has pivoted to ...

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. The bloom is back on phishing attacks with criminals doubling down on fake messages ...

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. A recently surfaced 84-page ...

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.

SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets. Gaming giant SEGA Europe recently discovered that its sensitive data was ...

The attacker who penetrated the Dutch CA DigiNotar last year had complete control of all eight of the company’s certificate-issuing servers during the operation and he may also have issued some rogue ...

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data. A U.K. water supplier suffered a disruption in its ...

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack. Google has patched the fifth actively exploited ...

LOLBins help attackers become invisible to security platforms. Uptycs provides a rundown of the most commonly abused native utilities for Windows, Linux and macOS – and advice for protection.