The notorious cybercrime gang could make out whether or not Apple pays the $50 million ransom by May 1 as demanded. [...]

In this Threatpost podcast Fortinet’s top researcher outlines what a cybercriminal supply chain is and how much the illicit market is worth. [...]

Even if the app is not installed or in use, threat actors can use it to spread malware through email campaigns and take over victims’ machines, new research has found. [...]

David “moose” Wolpoff, co-founder and CTO at Randori, talks lesser-known hacking paths, including unresolved "fixme" flags in developer support groups. [...]

CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. [...]

Attacks dubbed ‘Fajan’ by researchers are specifically targeted and appear to be testing various threat techniques to find ones with the greatest impact. [...]

The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website. [...]

A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. [...]

Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. [...]

Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. [...]

Saryu Nayyar, CEO at Gurucul, discusses the new Cold War and the potential for a cyberattack to prompt military action. [...]

A massive operation offers access to hacked camera feeds in bedrooms and at hotels. [...]

New details of negotiation between attackers and officials from Broward County Public Schools emerge after a ransomware attack early last month. [...]

Researchers said the FoundCore malware represents a big step forward when it comes to evasion. [...]

Aamir Lakhani, cybersecurity researcher for Fortinet’s FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. [...]

In this roundtable, security experts focus on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources. [...]

Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. [...]

Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. [...]

Researchers uncover a credential-stealing campaign targeting genetic, neurology and oncology professionals. [...]

Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others. [...]

Predator-ranked players on Xbox console game version rigged matches with DDoS attacks. [...]

There could be more than immediately meets the eye with this targeted attack group. [...]

The post-SolarWinds EO could be issued as soon as next week, according to a report. [...]

The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations. [...]

Vast swathes of companies were likely compromised before patches were applied, so the danger remains. [...]