Why is .US Being Used to Phish So Many of Us?
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US…
U.S. Hacks QakBot, Quietly Removes Botnet Infections
The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement…
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.
In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist…
Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’
WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to write malicious software without all the pesky prohibitions on such activity enforced by the…
How Malicious Android Apps Slip Into Disguise
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google…
Russia Sends Cybersecurity CEO to Jail for 14 Years
The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37,…
CISA Order Highlights Persistent Risk at Network Edge
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive…
Many Public Salesforce Sites are Leaking Private Data
A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures…
3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel:…
Microsoft (& Apple) Patch Tuesday, April 2023 Edition
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks.…
- Go to the previous page
- 1
- …
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- …
- 13
- Go to the next page