When it comes to cyber extortion, attackers are constantly on the hunt for new ways to put pressure on victims to pay up.
A new group with ties to the Iranian government is conducting a password-spraying campaign against Office 365 accounts.
The FIN12 group is targeting healthcare providers in the U.S. with aggressive cyberattacks that deploy the Ryuk ransomware.
Attackers were scanning for CVE-2021-41773 in the Apache web server several days before the flaw was disclosed publicly.
Researchers at VB2021 localhost gave an inside look into new malware families that the BlackTech espionage group is now using.
At the 2021 Aspen Cyber Summit this week, lawmakers discussed why cybersecurity legislation is picking up - and challenges in the legislative process.
A RAT that has stayed under the radar for at least three years was recently uncovered in highly targeted espionage attacks against companies in the telecommunications and aerospace industries.
The Department of Justice has formed a new National Cryptocurrency Enforcement Team to help disrupt ransomware payments to cybercriminals.
Apache has released a fix for a path traversal flaw (CVE-2021-41773) that has been exploited in the wild.
Researchers have discovered a new UEFI bootkit called ESPecter that can modify the Windows Boot Manager.
The fear surrounding the Pegasus spyware tool is being used to lure victims to a fake Amnesty International site that installs the Sarwent RAT.
The security of IoT and non-general purpose computing devices represents a systemic risk to corporate and national security, experts say.
The Nobelium attackers, who are responsible for the SolarWinds intrusion, have been deploying a new backdoor called FoggyWeb in targeted attacks.
There is active exploitation of the vCenter Server bug disclosed last week, along with mass scanning activity looking for vulnerable servers.
Potential new legislation to update FISMA could codify CISA's role and grant it additional authority.