Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. A longtime threat group identified as TA558 has ramped ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Malicious emails warning Microsoft users of “unusual sign-on activity” from Russia are looking to capitalizing on the Ukrainian crisis. While legitimate concerns abound about the Russian-Ukrainian ...

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. A recently surfaced 84-page ...

There are five different pillars to implement when moving to a modern, zero-trust security model. Employees are demanding that employers enable flexible workstyles. Apps are moving to the cloud. A ...

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in ...

Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out. A proof-of-concept attack has been pioneered that “fully and practically” breaks ...

Refusal to unlock the phones of a Florida shooter could set up another legal battle between Apple and the Feds over data privacy in the case of criminal investigations. Apple once again is drawing the ...

WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links. Hackers are abusing the popular file-sharing service called WeTransfer to circumvent defensive email ...

2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. Ransomware, supply-chain threats and how ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign ...

Environmentalists and policymakers warn water treatment plants are ripe for attack. Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack ...