Back when ransomware was just a startup industry, the primary goal of the attackers was simple: encrypt data, then extort a ransom in exchange for decrypting it. Because of this, cybercriminals mostly targeted commercial enterprises — companies that valued their data enough to justify a hefty payout. Schools and show more ...
Cylake's platform will analyze security data locally and identify potential attacks for organizations concerned about data sovereignty.
Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one in the same.
DPRK worker scams are old hat, but they're still working, thanks to AI tools that help with everything from face swapping to daily emails.
Using Anthropic's Claude, OpenAI's ChatGPT, and a detailed playbook prompt, a handful of cyberattackers reportedly gained access to government agencies and its citizens' data.
The European Union is taking new precautions as climate change and cybersecurity threats rise across the automotive industry.
Committee Democrats criticized the KIDS Act for including a weak knowledge standard that they said allows tech companies to escape accountability for online safety harms by claiming they are unaware kids are using their platforms and deserve protections.
The internet shutdown in Iran entered its sixth day on Friday, with human rights groups calling on the country's leaders to restore digital access.
Indonesia will ban social media for children under age 16 starting at the end of March, Communication and Digital Affairs Minister Meutya Hafid announced this week.
An FBI spokesperson said the agency "identified and addressed suspicious activities on FBI networks" after a platform supporting wiretaps was allegedly accessed during a February incident.
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow. It's worth
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma Stealer malware. The activity, observed in February 2026, makes use of the terminal emulator program instead of instructing users to launch the Windows Run dialog and paste a command
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed below - CVE-2017-7921 (CVSS score: 9.8) - An improper authentication vulnerability affecting
Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When done right, it builds client trust, increases upsell opportunities, and drives recurring revenue. But to deliver this consistently and efficiently, you need the right technology and processes.
New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to a state-sponsored hacking group called MuddyWater (aka Seedworm). It's affiliated with the Iranian
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" that are developed using lesser-known programming languages like Nim, Zig, and Crystal and rely on trusted services like
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOID#GEIST by Securonix Threat Research. At a high level, the obfuscated batch script is used to deploy a second
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA - one of the world's most prolific phishing-as-a-service platforms - has been dismantled. Read more in my article on the Hot for Security blog.
The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed
