The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. [...]

Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws. [...]

A former Army Reservist pleaded guilty to scamming the elderly with catfishing and stealing from veterans. [...]

The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups. [...]

Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches. [...]

How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.” [...]

WhatsApp’s moderators sent messages flagged by intended recipients. Researchers say this isn't concerning -- yet. [...]

Aamir Lakhani, researcher at FortiGuard Labs, explains why organizations must extend cyber-awareness training across the entire enterprise, from Luddites to the C-suite. [...]

The security vulnerability can be exploited with a malicious CSV file. [...]

The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say. [...]

Alex Restrepo, Virtual Data Center Solutions at Veritas Technologies, discusses post-attack restoration options, and how to prepare for another one in the future. [...]

Record-breaking distributed denial of service attack targets Russia’s version of Google - Yandex. [...]

The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.' [...]

With so many people still working from home, cybercriminals are trying to cash in. Cyberattacks have increased 300% and the risk of losing important data or being compromised is much greater at home. Here are five recommendations for securing your home office. [...]

Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks. [...]

They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. [...]

Usernames, passwords for database sent in prize redemption emails. [...]

John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. [...]

A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. [...]

Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. [...]

An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom. [...]

An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. [...]

Pro-Kurd Facebook profiles deliver '888 RAT' and 'SpyNote' trojans, masked as legitimate apps, to perform mobile espionage. [...]

There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help. [...]

Justin Jett, director of audit and compliance at Plixer, discusses how to effectively use network flow data in the fight against ransomware. [...]