Attackers can take advantage of the fact these apps access, gather, store and transmit more information than any other app their victims have installed. [...]

Anurag Kahol, CTO at Bitglass, discusses options for detecting malicious or dangerous activity from within an organization. [...]

A lot of Russian malware — the malware that targeted the Colonial Pipeline, for example — won’t install on computers with a Cyrillic keyboard installed. Brian Krebs wonders if this could be a useful defense: In Russia, for example, authorities there generally will not initiate a cybercrime investigation against one …

Separate attacks last week on the country’s Department of Health and Health Service Executive forced the shutdown of networks and services that still haven’t been fully restored. [...]

You can’t possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as tracked in a study of the underground exploit market. [...]

The latest Magecart iteration is finding success with a new PHP web shell skimmer. [...]

Keynoters from Cisco, Netflix and RSA highlighted lessons from the last year, and cybersecurity's new mandate in the post-pandemic world: Bounce back stronger. [...]

The criminal forum washed its hands of ransomware after DarkSide's pipeline attack & alleged shutdown: A "loss of servers" that didn't stop another attack. [...]

The advanced Brazilian malware has gone global, harvesting bank logins from Android mobile users. [...]

Pandemic and evolving IT demands are having a major, negative impact on CISOs' mental health, a survey found. [...]

The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines. [...]

The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil’s gonads shrank in response. [...]

The DBIR – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. [...]

Ransomware attackers are now demanding cash from the customers of victims too. [...]

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key. [...]

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships. [...]

The campaign is harvesting screenshots, keystrokes, credentials, webcam feeds, browser and clipboard data and more, with RevengeRAT or AsyncRAT payloads. [...]

FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware. [...]

Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand. [...]

An ingenious attack on Android devices self-propagates, with the potential for a range of damage. [...]

Aamir Lakhani, researcher at FortiGuard Labs, discusses leading-edge threats related to edge access/browsers/IoT, and the COVID-19 vaccine, as a way of getting into larger organizations. [...]

Analyst finds ransomware evidence, despite a contractor's denial of compromise. [...]

Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors. [...]

Security researchers mull possible perpetrators of the attack, and warned that the incident could be a harbinger of things to come. [...]

The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. [...]