The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. [...]

A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. [...]

Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains. [...]

Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users. [...]

The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza. [...]

Microsoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers. [...]

Microsoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is an actively exploited zero-day. [...]

The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. [...]

An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others. [...]

The bug is under attack. Within hours of the patch release, a researcher published POC code, calling it a "great" flaw that can be used for jailbreaks and local privilege escalation. [...]

Effective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it. [...]

The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications. [...]

A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees' emails; and more. [...]

A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails, employees' emails, and more. [...]

Anurag Kahol, CTO & co-founder at Bitglass, offers tips for avoiding implementation pitfalls for zero trust. [...]

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. [...]

The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. [...]

The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. [...]

An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch's source code, comments going back to its inception and more. [...]

Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. [...]

The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. [...]

Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack. [...]

One easily disproved conspiracy theory linked the ~six-hour outage to a supposed data breach tied to a Sept. 22 hacker forum ad for 1.5B Facebook user records. [...]

The Compound cryptocurrency exchange accidentally botched a platform upgrade and distributed millions in free COMP tokens to users - then threatened to dox the recipients. [...]

They were all flat on their faces for hours on Monday, throwing off DNS error messages or other server-related errors. [...]