BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities. [...]

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities. [...]

Ransomware volumes are up 1000%. Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, discusses secure email, network segmentation and sandboxing for defense. [...]

Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices. [...]

A Russian-language threat group is available for hire, to steal data on journalists, political leaders, activists and from organizations in every sector. [...]

A bill introduced this week would regulate ransomware response by the country's critical financial sector. [...]

The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials. [...]

The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances. [...]

UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls. [...]

PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps. [...]

Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors. [...]

A U.K. fishing retailer’s site has been hijacked and redirected to Pornhub. [...]

The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021. [...]

The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500). [...]

Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms. [...]

The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more. [...]

Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks. [...]

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks. [...]

Q3 DDoS attacks topped thousands daily, with more growth expected. [...]

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. [...]

Researchers have spotted a second, worldwide campaign exploiting the Zoho zero-day: one that’s breached defense, energy and healthcare organizations. [...]

An FBI notification is warning of an uptick in attacks against tribal casinos. [...]

CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution. [...]

Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, offers advice on least privilege, automation, application control and more. [...]

Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds. [...]