Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. The campaigns are tied to ...

Fox-IT’s report on the DigiNotar hack shows that all eight of the company’s certificate authority servers were compromised in the attack on the certificate authority and that the company could ...

Weakness in Drone Protocol The ExpressLRS protocol utilizes what is called a “binding phrase,” a kind of identifier that ensures the correct transmitter is talking to the correct receiver. The ...

5 GPU Display Driver Security Bugs The most severe of the five bugs in the GPU display driver is tracked as CVE-2021-1074, which rates 7.5 out of 10 on the CVSS vulnerability scale, making it high ...

Microsoft is warning its customers about the so-called “FakeUpdates” campaigns in a non-public security advisory, according to a report in Bleeping Computer. The campaign is targeting various ...

The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves ...

A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery ...

Through the first half of 2022, 34 percent of all unique phishing attacks tracked by the researchers impersonated financial services brands. The next most popular industry for criminals to abuse ...

Russia is offering its own trusted Transport Layer Security (TLS) certificate authority (CA) to replace certificates that need to be renewed by foreign countries. As it is, a pile of sanctions ...

Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. Three vulnerabilities in the IP video-surveillance systems created ...

Multiple Accellion FTA customers, including the Jones Day Law Firm, Kroger and Singtel, have all been attacked by the group, receiving extortion emails threatening to publish stolen data on the ...

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.