Vulnerabilities/Threats

A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.

Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.

Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.

Purporting to publish leaked emails of pro-Brexit leadership in the UK, a new site's operations have been traced to Russian cyber-threat actors, Google says.

Implement zero-trust policies for greater control, use BYOD management tools, and take proactive steps such as keeping apps current and training staff to keep sensitive company data safe and employees' devices secure.

In just one month, the ransomware group's activity rose by 2,100%, a new report finds.

With manufacturing ranking as the fourth most targeted sector, manufacturers that understand their exposure will be able to build the necessary security maturity.

A DDoS campaign observed by Akamai from actors claiming to be REvil would represent a major pivot in tactics for the gang.

Ransomware has become so efficient, and the underground economy so professional, that traditional monetization of stolen data may be on its way out.

But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.

Decentralized finance lost $1.8 billion to cyberattacks last year — and 80% of those events were the result of vulnerable code, analysts say.

An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.

The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.

Analysts have seen a massive spike in malicious activity by the XorDdos Trojan in the last six months, against Linux cloud and IoT infrastructures .

A culture of trust, combined with tools designed around employee experience, can work in tandem to help organizations become more resilient and secure.