The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves ...

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.

Multiple Accellion FTA customers, including the Jones Day Law Firm, Kroger and Singtel, have all been attacked by the group, receiving extortion emails threatening to publish stolen data on the ...

Weakness in Drone Protocol The ExpressLRS protocol utilizes what is called a “binding phrase,” a kind of identifier that ensures the correct transmitter is talking to the correct receiver. The ...

Through the first half of 2022, 34 percent of all unique phishing attacks tracked by the researchers impersonated financial services brands. The next most popular industry for criminals to abuse ...

Fox-IT’s report on the DigiNotar hack shows that all eight of the company’s certificate authority servers were compromised in the attack on the certificate authority and that the company could ...

Russia is offering its own trusted Transport Layer Security (TLS) certificate authority (CA) to replace certificates that need to be renewed by foreign countries. As it is, a pile of sanctions ...

With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by far ...

Cybercriminals who have worked as affiliates with ransomware group DarkSide, responsible for the Colonial Pipeline attack, are having a tough time getting paid for their work now that the group ...

Attacks against firmware are snowballing, outstripping many organizations’ cyber-defenses, according to a survey from Microsoft. The report showed that more than 80 percent of enterprises have ...

Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic.

SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.