Pen Test Partners didn't disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm. [...]

A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. [...]

The MICROP ransomware spreads via Google Drive and locally stored passwords. [...]

Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it. [...]

The bureau's flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets' networks. [...]

Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific ‘ephemeral’ aspect of the project-management tool to link to SharePoint phishing pages. [...]

Pankaj Gupta, Senior Director at Citrix, outlines how distributed denial of service attacks have become increasingly sophisticated, bigger and economically motivated. [...]

WordPress sites have been splashed with ransomware warnings that are as real as dime-store cobwebs made out of spun polyester. [...]

Lures dressed up to look like movie and TV streaming offers are swiping payment data. [...]

Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving. [...]

Threat actors used malicious emails to target more than 125 people with high-profile TikTok accounts in an attempt to steal info and lock them out. [...]

Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out of the FBI’s email system, says it's just one of a string of jabs from a childish but cybercriminally talented tormentor. [...]

Hank Schless, senior manager of security solutions at Lookout, discusses AbstractEmu, mobile malware found on Google Play, Amazon Appstore and the Samsung Galaxy Store. [...]

The leak included model information, chat messages and payment details. [...]

A politically motivated group is paralyzing Israeli entities with no financial goal – and no intention of handing over decryption keys. [...]

Researchers observed what looks like the Emotet botnet – the "world’s most dangerous malware" – reborn and distributed by the trojan it used to deliver. [...]

An analysis of ransomware attack negotiation-data offers best practices. [...]

CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files. [...]

Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers. [...]

The alert was mumbo jumbo, but it was indeed sent from the bureau's email system, from the agency’s own internet address. [...]

Europol reports that criminal groups are undermining the EU’s economy and its society, offering everything from murder-for-hire to kidnapping, torture and mutilation. [...]

Big-box behemoth retailer Costco is offering victims 12 months of credit monitoring, a $1 million insurance reimbursement policy and ID theft recovery services. [...]

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile. [...]

Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft. [...]

Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites. [...]