Google has taken down servers associated with the huge Glupteba botnet and also sued two alleged operators of the network.
Microsoft has disrupted "a key piece of infrastructure" used by the China-based threat group known as Nickel or APT15.
New guidance from the White House requires CISA to develop policies for federal agencies to move toward automated security incident reporting.
Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.
This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.
CISA and the FBI are warning that APT groups are exploiting a critical flaw (CVE-2021-44077) in the ManageEngine ServiceDesk Plus tool.
Several new Security Directives, released by the TSA, aim to improve the security postures of rail and aviation entities.
A threat actor has been deploying web browser credential stealers, an undocumented backdoor and new Google Chrome malicious extension in an ongoing campaign.
Mozilla has fixed a critical buffer overflow in its NSS cryptographic library that had been lurking in the code for several years.
Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.
The sentencing comes as the FCC grapples with how it can better safeguard consumers against SIM hijacking attempts.
The TA505 threat group known for using the Clop ransomware and Dridex trojan is now using a new P2P RAT.
VirusTotal has added a Collections feature to enable better real-time sharing of IOCs and context around malicious files and URLs.
Researchers warn that a ransomware group's constant rebranding and its small size has allowed for it to fly under the radar.
Casey Ellis, founder, chairman and CTO of Bugcrowd, discusses the future of vulnerability disclosure programs.