The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. [...]

One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. [...]

BitMart confirmed it had been drained of ~$150 million in cryptocurrency assets, but a blockchain security firm said it's closer to $200 million. [...]

The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. [...]

It's unknown who's behind the cyberattacks against at least nine employees' iPhones, who are all involved in Ugandan diplomacy. [...]

The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. [...]

Jason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes. [...]

Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data. [...]

We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll! [...]

Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. [...]

The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts. [...]

Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. [...]

Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good thing. [...]

The insurer won’t pay for 'acts of cyber-war' or nation-state retaliation attacks. [...]

Millions of texts leading to the Flubot spyware/banking trojan are targeting everyone who uses Androids in the country, in an "exceptional" attack. [...]

Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. [...]

IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. [...]

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. [...]

Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself. [...]

Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday. [...]

Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen. [...]

That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky. [...]

The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins. [...]

Black Friday and Cyber Monday approach! Saryu Nayyar, CEO at Gurucul, discusses concerning statistics about skyrocketing online fraud during the festive season. [...]

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters. [...]