RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say. [...]

Access to heart monitors disabled by the attack allegedly kept staff from spotting blood & oxygen deprivation that led to the baby's death. [...]

Researchers have demonstrated that someone could use a stolen, locked iPhone to pay for thousands of dollars of goods or services, no authentication needed. [...]

The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software. [...]

Newly discovered code resembles the Kazuar backdoor and the Sunshuttle second-stage malware distributed by Nobelium in the SolarWinds supply-chain attacks. [...]

UPDATE: Indicators of compromise are now available. The unredacted RCE exploit released on Monday allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service. [...]

Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests. [...]

It's not the first time that the disinformation/spearphishing campaign, which originally smeared NATO, has been linked to Russia. [...]

Discovery of BulletProofLink—which provides phishing kits, email templates, hosting and other tools—sheds light on how wannabe cybercriminals can get into the business. [...]

A newly discovered backdoor and double chats could have enabled REvil ransomware-as-a-service operators to hijack victim cases and snatch affiliates’ cuts of ransom payments. [...]

"Time to find out who in your family secretly ran... [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security. [...]

“TinyTurla,” simply coded malware that hides away as a legitimate Windows service, has flown under the radar for two years. [...]

A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom. [...]

The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups. [...]

The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say. [...]

Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks. [...]

John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. [...]

Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. [...]

There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help. [...]

Justin Jett, director of audit and compliance at Plixer, discusses how to effectively use network flow data in the fight against ransomware. [...]

Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed. [...]

A hacker known only as “Mr. A” was picked up by authorities at a South Korean airport after getting stuck in the country due to COVID-19 travel restrictions. [...]

Verizon DBIR is already funny, useful & well-written, and it just got better with mapping to MITRE ATT&CK TTPs. The marriage could finally bring answers to "What are we doing right?" instead of the constant reminders of what's not working in fending off threats. [...]

Cybercriminal enterprise is mass testing millions of usernames and passwords per day in a hunt for loyalty card data. [...]

An attacker breached the site of famed street artist Banksy to host a fraudulent NFT auction but then gave back the money. [...]