The airline announced the breach on Thursday, and the ransomware gang started a countdown clock the next day. [...]

Firm offers guidance on how to mitigate a five-months-old privilege escalation bug impacting Parallels Desktop 16 for Mac and all previous versions. [...]

Kerry Matre, Mandiant senior director, clears up misconceptions about the value to business for enterprise cyber-defense. Hint: It's not achieving visibility. [...]

The latest refinement of the APT's BadHatch backdoor can leverage new malware on the fly without redeployment, making it potent and nimble. [...]

The cybercriminal group, active since late 2019, has closed its doors and released the key to unlocking victims’ files on its dark web portal. [...]

Splunk’s Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells. [...]

Now adults, the then-teens apparently used clipboard hijacking malware to steal Bitcoin. [...]

Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2021. [...]

The new APT uses an undocumented backdoor to infiltrate the education, retail and government sectors. [...]

Cybersecurity watchdog Citizen Lab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple's new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists – even one living in London at the time. [...]

Researchers have spotted the latest version of the Triada trojan targeting mobile devices via an advertising SDK. [...]

Chad Anderson, senior security researcher for DomainTools, demonstrates how seemingly disparate pieces of infrastructure information can form perfect fingerprints for tracking cyberattackers' infrastructure. [...]

Campaign emails company insiders and initially offers 1 million in Bitcoin if they install DemonWare on an organization’s network. [...]

New scam spreads to Australia from Europe, targeting thousands of Android users Thousands of Australians have been hit by a new scam text message known as Flubot, which aims to install malware on their phones. Flubot is a type of malware targeting Android users, but iPhone users can also …

Oliver Tavakoli, CTO at Vectra, lays out the different layers of ransomware defense all companies should implement. [...]

The North Korea-linked APT group leverages known Internet Explorer vulns for watering-hole attacks. [...]

The apps attempt to swindle users into buying in-app upgrades or clicking on masses of ads. [...]

The botnet cryptominer has already compromised 1,000-plus clouds since June. [...]

Fresh attacks target companies' employees, promising millions of dollars in exchange for valid account credentials for initial access. [...]

Lost productivity & mopping up after the costly attacks that follow phishing – BEC & ransomware in particular – eat up most costs, not payouts to crooks. [...]

There’s an entirely new attack surface in Exchange, a researcher revealed at Black Hat, and threat actors are now exploiting servers vulnerable to the RCE bugs. [...]

The Pakistan-linked threat group's campaign uses compromised WordPress sites to deliver the Warzone RAT to manufacturing companies in Taiwan and South Korea. [...]

Illicit underground marketplace relaunches years after takedown. [...]

A crush of new attacks using the well-known adware involves at least 150 updated samples, many of which aren't recognized by Apple's built-in security controls. [...]

Unit 42 puts the average payout at over half a million, while Barracuda has tracked a 64 percent year over year spike in the number of attacks. [...]