A newly proposed interim final rule is the result of 2017 negotiations as part of the Wassenaar Arrangement after initial export rules were met with criticism.
Google researchers point to a resurgence in a decades-old session hijacking tactic, as seen in a recent phishing campaign.
A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.
The BlackMatter ransomware operators are targeting critical infrastructure operators in the U.S., including food suppliers.
Mandiant threat intelligence researchers give Decipher editor Lindsey O'Donnell-Welch a behind-the-scenes look at how they began tracking recently discovered ransomware group FIN12 - and what's next for the group.
A well-known attack group has compromised at least 13 telecommunications organizations since 2019, relying on custom toolsets and a novel C2 persistence method.
A Financial Crimes Enforcement Network (FinCEN) report showed cybercriminals switching up their money laundering efforts, in order to avoid detection by law enforcement.
Ransomware actors hist three wastewater facilities in the U.S. in the last few months, accessing SCADA devices and disrupting operations, CISA said.
The Verica Open Incident Database (VOID) provides a collection of reports on software outages, security incidents, and near misses to enable analysis of common causes and resolutions.
A slew of ransomware attacks is causing government officials to consider the resources needed to secure school district networks.
APT35 attackers are using a new technique in their phishing attacks, which leverages a function from Telegram.
Top officials from NSA and CISA say collaborative defense is the key to countering threats to the critical infrastructure.
Researchers observed known threat groups infecting victims with TrickBot for the first time in June, suggesting that the malware operators are expanding their distribution channels.
Microsoft issued a fix for a use-after-free Windows vulnerability that was being leveraged in attacks, as part of its October Patch Tuesday roundup.
A flaw in the keypair library that caused it to generate weak RSA keys for SSH has caused GitHub and other services to revoke many organizations' keys.