Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say
Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera. [...]
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware. [...]
A July 9th attack disrupted service and taunted Iran’s leadership with hacked screens directing customers to call the phone of Iranian Supreme Leader Khamenei with complaints. [...]
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON. [...]
Targets of Discord malware expand far beyond gamers. [...]
The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid. [...]
Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn. [...]
A privilege elevation bug in Windows 10 opens all systems to attackers, who can access data and create new accounts. [...]
Researchers are skeptical that much will come from calling out China for the Microsoft Exchange attacks and APT40 activity, but the move marks an important foreign-policy change. [...]
Podcast: Nothing, says a ransomware negotiator who has tips on staying out of the sad subset of victims left in the lurch, mid-negotiation, after REvil's servers went up in smoke. [...]
Podcast: Can a new SIM card and prepaid service from an MVNO help? Former spyware insider, current mobile white hat hacker Adam Weinberg on how to block spyware attacks. [...]
An analysis of criminal forums reveals which publicly known vulnerabilities attackers are most interested in. [...]
The gang is using a new brute-forcer – “Diicot brute” – to crack passwords on Linux-based machines with weak passwords. [...]
Matt Dunn, associate managing director in Kroll's Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness. [...]
Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on. [...]
Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it. [...]
Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. [...]
David "moose" Wolpoff, CTO at Randori, discusses security appliances and VPNs and how attackers only have to "pick one lock" to invade an enterprise through them. [...]
The newborn platform was inundated by Sonic the Hedgehog-themed porn and had prominent users' profiles defaced. Next, hackers posted its user database online. [...]
Say hello to one more zero-day and yet more potential remote data death for those who can’t/won’t upgrade their My Cloud storage devices. [...]
REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116. [...]
Criminals behind the potent REvil ransomware have ported the malware to Linux for targeted attacks. [...]
LimeVPN has confirmed a data incident, and meanwhile its website has been knocked offline. [...]
Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior. [...]
Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability. [...]