Spam was on the rise in Q2, with video fraud and COVID-19-related efforts in the mix. [...]

The decryptor is of little use to other companies hit in the spate of attacks unleashed before the notorious ransomware group went dark, researchers said. [...]

Experts urged enterprises to patch fast: SAP vulnerabilities are being weaponized in a matter of hours. [...]

Some bad actors are honing tools to go after small fry: This variant was refined to target not one, but two vendors’ devices that are common in SOHO setups. [...]

Is fuzzing for the cybersec elite, or should it be accessible to all software developers? FuzzCon panelists say join the party as they share fuzzing wins & fails. [...]

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online. [...]

Researchers have found an entirely new attack vector for eavesdropping on Zoom and other virtual meetings. [...]

A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. [...]

Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan. [...]

The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand …

The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. [...]

Security researchers warned that at least 8,800 vulnerable systems are open to compromise. [...]

Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. [...]

Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-. [...]

IBM X-Force detailed the custom-made "LittleLooter" data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof. [...]

We're selfish if we're only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let's be like doctors battling COVID and work for herd immunity. [...]

Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered. [...]

Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020. [...]

Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456. [...]

Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware. [...]

Mass email distribution service compromise mirrors earlier Nobelium attacks. [...]

Agency warns attackers targeting teleworkers to steal corporate data. [...]

There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do? [...]

Uptycs Threat Research outline how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate against them. [...]

They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling. [...]