The out-of-band warning pairs with a working proof-of-concept exploit for the issue, circulating since mid-July. [...]

LockBit offered Accenture's purported databases and made a requisite jab at its purportedly sad security. Accenture says it recovered just fine from backups. [...]

Despite a lack of evidence, the National Security Agency will investigate whether the Fox host was illegally targeted. [...]

Spam was on the rise in Q2, with video fraud and COVID-19-related efforts in the mix. [...]

The decryptor is of little use to other companies hit in the spate of attacks unleashed before the notorious ransomware group went dark, researchers said. [...]

Experts urged enterprises to patch fast: SAP vulnerabilities are being weaponized in a matter of hours. [...]

In one of the largest cryptocurrency hacks to date, cyberattackers reportedly stole millions from the decentralized finance (DeFi) platform Poly Network. [...]

John Deere security bugs could allow cyberattackers to damage crops, surrounding property or even people; impact harvests; or destroy farmland for years. [...]

Microsoft's August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and seven critical vulnerabilities. [...]

Some bad actors are honing tools to go after small fry: This variant was refined to target not one, but two vendors’ devices that are common in SOHO setups. [...]

The dangerous malware has been rapidly developed since June and could be released into the wild soon. [...]

Is fuzzing for the cybersec elite, or should it be accessible to all software developers? FuzzCon panelists say join the party as they share fuzzing wins & fails. [...]

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. [...]

Researchers have found an entirely new attack vector for eavesdropping on Zoom and other virtual meetings. [...]

Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0. [...]

A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. [...]

Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan. [...]

The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand …

The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. [...]

Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data. [...]

Security researchers warned that at least 8,800 vulnerable systems are open to compromise. [...]

Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. [...]

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks. [...]

Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime. [...]

Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-. [...]