Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. [...]
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks. [...]
Researchers say a hacker is selling access to quality malware for chump change. [...]
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. [...]
A sophisticated campaign utilizes a novel anti-detection method. [...]
Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things …
The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default. [...]
Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of …
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs. [...]
Citizen Lab uncovers a multi-year campaign targeting Catalonia, an autonomous region of Spain. [...]
Fortinet's Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams. [...]
Connections that show the cybercriminal teams are working together signal shifts in their respective tactics and an expansion of opportunities to target victims. [...]
Malware designed to target industrial control systems like power grids, factories, water utilities, and oil refineries represents a rare species of digital badness. So when the United States government warns of a piece of code built to target not just one of those industries …
Threat actors have developed custom modules to compromise various ICS devices as well as Windows workstations that pose an imminent threat, particularly to energy providers. [...]
The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. There’s also no …
A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company. The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had …
More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station's circuit …
Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay. [...]
APT28, an advanced persistent threat (APT) group, has been operating since 2009. The group has worked under different names such as Sofacy, Sednit, Strontium Storm, Fancy Bear, Iron Twilight, and Pawn. [...]
Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times. [...]
The Justice Department announced the disruption of a Russian GRU-controlled botnet: The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm …
Huntress Labs R&D Director Jamie Levy busts the old “Macs don’t get viruses” myth and offers tips on how MacOS malware differs and how to protect against it. [...]
This fresh malware strain extends the functionality of typical trojans with advanced functionality and a series of modules for launching various types of threat activity. [...]
Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia. [...]
QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch. [...]