With Conti gone, LockBit takes lead of the ransomware threat landscape
The number of ransomware attacks observed over the previous three months declined compared to the previous quarter, according to new reports.
Researchers have discovered a new attack framework of Chinese origin that they believe is being used in the wild.
Global encryption keys were hardcoded on some programmable logic controller product lines. Siemens recommends upgrading all affected devices.
Hacker group Lazarus has begun exploiting a known vulnerability in an OEM driver developed by Dell to evade detection by security solutions.
A possibly new threat actor packaged and deployed backdoors as vSphere Installation Bundles, gaining remote code execution and persistence capabilities.
Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers.
A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.
A remote code execution vulnerability in Zoho's ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild.
Corrupting files is faster, cheaper, and less likely to be stopped by endpoint protection tools than encrypting them.
Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.
Lazarus has used the new remote access Trojan in campaigns that exploit the Log4Shell vulnerability and target energy companies.
Hybrid cloud identity and access management services add complexity to network authentication processes, and with it opportunity for attackers.
Ransomware gangs seem to be exploiting concerns over disruptions in the energy and other critical infrastructure sectors.
The Nitrokod cryptocurrency mining campaign goes to great lengths to avoid detection and can remain active for a number of years.
Hackers have developed ways to bypass multi-factor authentication on cloud productivity services like Microsoft 365, formerly Office 365.