A Windows security bug would allow an attacker to fool a USB camera used in the biometric facial-recognition aspect of the system. [...]

Microsoft tackles 12 critical bugs, part of its July 2021 Patch Tuesday roundup, capping a ‘PrintNightmare’ month of headaches for system admins. [...]

Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark. [...]

An attack on Guess compromised the personal and banking data of 1,300 victims. [...]

The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs. [...]

Adobe July patch roundup includes fixes for its ubiquitous and free PDF reader Acrobat 2020 and other software such as Illustrator and Bridge. [...]

Professors, journalists and think-tank personnel, beware strangers bearing webinars: It’s the focus of a particularly sophisticated, and chatty, phishing campaign. [...]

Matt Dunn, associate managing director in Kroll's Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness. [...]

Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on. [...]

Microsoft alerted the company to a security vulnerability in its Serv-U Managed File Transfer and Secure FTP products that a cyberattacker is using to target a “limited” amount of customers. [...]

The malware has targeted Chinese gambling sites with fake app installers. [...]

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. [...]

The attacks are enabled by a now-patched vulnerability in ForgeRock's Access Management, a popular platform that front-ends web apps and remote-access setups. [...]

The security update addresses three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers. [...]

Cybersecurity is one of the most important topics on the global agenda, boosted by the pandemic. As the global digitalisation is further accelerating, the world is becoming ever more interconnected. Digital ecosystems are being created all around us: countries, corporations and individuals are taking advantage of the rapid spread …

Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it. [...]

The high-severity security vulnerabilities allow elevation of privileges, leading to data theft and more. [...]

Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. [...]

A global effort to steal information from energy companies is using sophisticated social engineering to deliver Agent Tesla and other RATs. [...]

The problem APIs included numero uno on the OWASP API Security Top 10: a Broken Object Level Authorization (BOLA) issue that could have exposed personal data. [...]

Jason Kent, hacker-in-residence at Cequence Security, discusses fake online accounts, and the fraud they carry out on a daily basis. [...]

Security vulnerabilities in the ERP platform could allow attackers to tamper with or sabotage victims' business-critical processes and to intercept data. [...]

Threat actors enlist compromised WordPress websites in campaign targeting macOS users. [...]

The unnamed suspect allegedly helped to develop carding and phishing kits with the aim of stealing customers' bank-card data. [...]

Threat actors are planting Cobalt Strike backdoors by malspamming a bogus Microsoft update along with a SecurityUpdates.exe. [...]