Researchers found hundreds of malicious Office documents being used to download Emotet in June.
A remotely exploitable memory corruption bug has been identified in OpenSSL 3.0.4 on x64 systems with the AVX512 instruction set.
This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.
Researchers say evidence points to Chinese-based Bronze Starlight using five different ransomware families as a method to disguise its actual goal of espionage.
APT teams are still exploiting the Log4Shell flaw in VMware Horizon and Unified Access Gateway, six months after the initial disclosure.
The majority of exploitation attempts against the recent Atlassian Confluence bug (CVE-2022-36134) are coming from Russia.
Business email compromise (BEC) groups are more heavily relying on attacks that impersonate third-party vendors or suppliers, as opposed to traditional attacks that mimicked executives.
An AvosLocker ransomware attack exploited the Log4j bug in VMware Horizon servers.
Daniel dos Santos, head of security research with Forescout, talks about a set of over 50 vulnerabilities discovered in operational technology (OT) devices from 10 different vendors.
An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.
Ransomware actors are getting better at laundering their proceeds from attacks - but law enforcement authorities are also getting better at tracking illicit cryptocurrency funds down.
This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.
CISA is asking for public comment on a new set of cloud security guidance for federal agencies.
Microsoft issued a patch for the Follina vulnerability, which was first disclosed in May and has been under active exploitation by attackers.
A targeted spear-phishing operation leveraged sophisticated social engineering tactics in order to collect personal information about high-ranking officials in the U.S. and Israel.