Attacks/Breaches

The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.

Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.

Most automated attacks from the regions were against e-commerce and telecommunications organizations.

The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.

A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics.

The mobile company states that the issue was due to a glitch that occurred in an update.

Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware.

A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.

The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.

The ICC did not reveal details on the cyber breach.

The GitLab code hijacks computer resources to mine Dero cryptocurrency as part of a larger cryptomining operation.

The veracity of claims by the group known as "Cyber Avengers" has been called into question, as it continues to take credit for hits on various Israeli services.

"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.

MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.