Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links. Hackers are abusing the popular file-sharing service called WeTransfer to circumvent defensive email ...

Refusal to unlock the phones of a Florida shooter could set up another legal battle between Apple and the Feds over data privacy in the case of criminal investigations. Apple once again is drawing the ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign ...

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in ...

2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. Ransomware, supply-chain threats and how ...

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. Fluffy is missing.

SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets. Gaming giant SEGA Europe recently discovered that its sensitive data was ...

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being ...

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client ...

The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data. A U.K. water supplier suffered a disruption in its ...

Agency warns attackers targeting teleworkers to steal corporate data. The U.S. National Security Agency is offering advice to security teams looking for wireless best practices to protect corporate ...