NSO Group plans to fight the trade ban, saying it's "dismayed" and clinging to the mantra that its tools actually help to prevent terrorism and crime. [...]

The Magecart threat actor uses a browser script to evade detection by researchers and sandboxes so it targets only victims’ machines to steal credentials and personal info. [...]

Decision against company at heart of Pegasus project reflects deep concern about impact of spyware on US national security interests NSO Group has been placed on a US blacklist by the Biden administration after it determined the Israeli spyware maker has acted “contrary to the foreign policy and national …

The banker, aka Metamorfo, is roaring back after Spanish police arrested more than a dozen gang members. [...]

The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new "Tortilla" threat actor. [...]

The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies. [...]

‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations. [...]

Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency. [...]

Aamir Lakhani, security researcher at Fortinet, says no sector is off limits these days: It's time for everyone to strengthen the kill chain. [...]

German investigators have identified a deep-pocketed, big-spending Russian billionaire whom they suspect of being a core member of the REvil ransomware gang. [...]

Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. [...]

Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti. [...]

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader. [...]

Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.” [...]

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet. [...]

UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million times, to extort money through a fake premium SMS subscription service. [...]

The bold move signals a looming clash between Russian ransomware groups and the U.S. [...]

An SQL-injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. [...]

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. [...]

Jeremy Fleming says ransomware is proliferating as it is ‘largely uncontested’ and highly profitable The head of the UK spy agency GCHQ has disclosed that the number of ransomware attacks on British institutions has doubled in the past year. Jeremy Fleming, the director of GCHQ, said locking files and …

The infamous Carbanak operator is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure "pen-testing" company. [...]

A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline. [...]

The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs--across its network of 150 million users, putting corporate workplaces at risk. [...]

A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. [...]

If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds. [...]