The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics. [...]

Pretending to be someone else online could become a criminal offense, setting a precedent for other states to follow. [...]

A phishing kit has been found running on at least 700 domains - and mimicking services via false SharePoint, OneDrive and Office 365 login portals. [...]

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. [...]

The detection-evasion tool, libprocesshider, hides TeamTNT's malware from process-information programs. [...]

The suspect allegedly has extorted $27.6 million from ransomware victims, mostly in the healthcare sector. [...]

A new version of NAT slipstreaming allows cybercriminals an easy path to devices that aren't connected to the internet. [...]

Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo. [...]

Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more. [...]

Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker's Dark Web leaks site offline and charged a suspect. [...]

An anonymous researcher identified bugs in the software’s kernel and WebKit browser engine that are likely part of an exploit chain. [...]

If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products. [...]

Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months. [...]

The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds. [...]

Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records. [...]

An unmonitored account belonging to a deceased employee allowed Nefilim to exfiltrate data and infiltrate systems for a month, without being noticed. [...]

Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor. [...]

A security flaw in TikTok could have allowed attackers to query query the platform's database – potentially opening up for privacy violations. [...]

Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in. [...]

Ajit Pai says Chinese telecom companies ‘biggest national security threat’ for regulators in exit interview. [...]

The ShinyHunters hacking group offer a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download. [...]

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks. [...]

The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series. [...]

The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords. [...]

The "KindleDrip" attack would have allowed attackers to siphon money from unsuspecting victims. [...]