Cybercrime | News, how-tos, features, reviews, and videos
Reports identifying a $75 million ransom payment made in March by a Fortune 50 company raise some questions.
Once accepted, the attackers tell developers to download a Node.js project as part of a practical test. The trojanized project on launch deploys a RAT and infostealer malware targeting all major OS platforms.
The cost can’t be completely quantified, but 70% of breached organizations reported significant disruption to their businesses.
The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.
Last week’s patched Microsoft file spoofing flaw has been exploited in the wild by APT group Void Banshee by resurrecting Internet Explorer without the user’s knowledge.
A post-mortem of a recent ransomware attack illustrates the continued importance of basic security controls such as patching in withstanding an evolving cybercrime threat.
A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions.
The Indirector attack discovered by University of California San Diego researchers focuses on the indirect branch predictor of a CPU.
File encryption malware used by RansomHub appears to be a modified variant of the Knight ransomware, also known as Cyclops.
Several intrusions employing diverse and sophisticated tools sought to exfiltrate sensitive military and technical information of the unnamed government, according to a report by Sophos.