Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. [...]

Enlarge (credit: Getty Images) Thousands of networking devices belonging to AT&T Internet subscribers in the US have been infected with newly discovered malware that allows the devices to be used in denial-of-service attacks and attacks on internal networks, researchers said on Tuesday. The device model under attack is …

Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts. [...]

The insurer won’t pay for 'acts of cyber-war' or nation-state retaliation attacks. [...]

Millions of texts leading to the Flubot spyware/banking trojan are targeting everyone who uses Androids in the country, in an "exceptional" attack. [...]

Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. [...]

I received a flood of renewal demands and unsubscribing doesn’t work I cancelled my McAfee anti-virus subscription earlier this year when I discovered it had been double charging me. It refunded only the current year and led me on a wild goose chase to recover the previous two …

Enlarge (credit: Getty Images ) Researchers said they’ve discovered a batch of apps downloaded from Google Play more than 300,000 times before the apps were revealed to be banking trojans that surreptitiously siphoned user passwords and two-factor authentication codes, logged keystrokes, and took screenshots. The apps—posing as …

IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. [...]

Attackers are honing Google Play dropper campaigns, overcoming app store restrictions. [...]

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. [...]

Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself. [...]

Israeli spyware firm’s problems go from bad to worse as scathing Apple lawsuit follows US blacklisting Shalev Hulio, the co-founder of Israel’s NSO Group, was in Washington DC on a mission to try to resuscitate the surveillance company’s battered reputation on Capitol Hill shortly before the …

Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday. [...]

A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices. [...]

Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes. [...]

Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month. [...]

Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this. [...]

Enlarge (credit: Getty Images ) PyPI—the open source repository that both large and small organizations use to download code libraries—was hosting 11 malicious packages that were downloaded more than 41,000 times in one of the latest reported such incidents threatening the software supply chain. JFrog, a security …

The MICROP ransomware spreads via Google Drive and locally stored passwords. [...]

Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it. [...]

Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific ‘ephemeral’ aspect of the project-management tool to link to SharePoint phishing pages. [...]

WordPress sites have been splashed with ransomware warnings that are as real as dime-store cobwebs made out of spun polyester. [...]

National Cyber Security Centre says cyberattacks at record high and urges businesses not to pay up The National Cyber Security Centre (NCSC) said it tackled a record number of cyber incidents in the UK over the last year, with ransomware attacks originating from Russia dominating its activities. The cybersecurity …

Hank Schless, senior manager of security solutions at Lookout, discusses AbstractEmu, mobile malware found on Google Play, Amazon Appstore and the Samsung Galaxy Store. [...]