A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data. [...]

A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. [...]

The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks. [...]

A new variant of the Gafgyt botnet - that's actively targeting vulnerable D-Link and Internet of Things devices - is the first variant of the malware to rely on Tor communications, researchers say. [...]

Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack. [...]

Cybercriminals are using the COVID-19 vaccine to steal Microsoft credentials, infect systems with malware and bilk victims out of hundreds of dollars. [...]

A flaw (CVE-2021-21166) in the Audio component of Google Chrome is fixed in a new update being pushed out to Windows, Mac and Linux users. [...]

The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics. [...]

The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October. [...]

Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites. [...]

Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction. [...]

Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users. [...]

Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks. [...]

From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses. [...]

Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor. [...]

The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data. [...]

Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. [...]

Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking. [...]

As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials. [...]

A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code. [...]

Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express - but that really steal their credentials. [...]

APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers. [...]

RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service. [...]

The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013. [...]

A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices. [...]