According to Keeper Security’s Workplace Password Malpractice Report, many remote workers aren’t following best practices for password security. [...]

FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware. [...]

Paper ballots and source-code transparency are recommended to improve election security. [...]

A new type of fraud is spiking across the platform: Selling fake vax records to people who want to lie their way into places where proof of vaccine is required. [...]

Argyle is paying workers to help hack payroll providers, researchers suspect. [...]

Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're in range. [...]

Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand. [...]

Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities. [...]

GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords. [...]

A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. [...]

An ingenious attack on Android devices self-propagates, with the potential for a range of damage. [...]

Aamir Lakhani, researcher at FortiGuard Labs, discusses leading-edge threats related to edge access/browsers/IoT, and the COVID-19 vaccine, as a way of getting into larger organizations. [...]

Analyst finds ransomware evidence, despite a contractor's denial of compromise. [...]

Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors. [...]

Security researchers mull possible perpetrators of the attack, and warned that the incident could be a harbinger of things to come. [...]

The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. [...]

Colonial Pipeline Company says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halted all pipeline operations. [...]

U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem. [...]

NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities. [...]

A malicious app can exploit the issue, which could affect up to 30 percent of Android phones. [...]

The networking giant has rolled out patches for remote code-execution and command-injection security holes that could give attackers keys to the kingdom. [...]

The student opted for “free” software packed with a keylogger that grabbed credentials later used by "Totoro" to get into a biomolecular institute. [...]

A large-scale incident earlier this week against Belnet and other ISPs has sent a wave of internet disruption across numerous Belgian government, scientific and educational institutions. [...]

PandaStealer is delivered in rigged Excel files masquerading as business quotes, bent on stealing victims' cryptocurrency and other info. [...]

'Spam protection, AntiSpam, FireWall by CleanTalk' is installed on more than 100,000 sites -- and could offer up sensitive info to attackers that aren't even logged in. [...]