Hackers gained initial access to the civilian agency two months after a mandatory deadline to patch the vulnerability had expired.

While AeroBlade’s techniques are more sophisticated in many ways, security pros say the initial attack vector was a common spearphishing attack – something U.S. companies must do a better job protecting against.

Ongoing exploitation of unpatched instances of a Microsoft Exchange flaw is being tied to Russia-linked APT28 or Fancy Bear.

The company told SC Media about 14,000 accounts were accessed, with millions more DNA Relatives caught in the crossfire.

The move by the threat actors to attack 32-bit MIPS processors reflects an attempt to propagate the P2Pinfect malware to a broader range of targets.

Default passwords enabled the Iranian-linked APT to compromise Israeli-made control systems at water and wastewater facilities, a public aquarium and a brewery.

iOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2 updates resolve the vulnerabilities.

All roads in the FNF case lead to a ransomware incident, but there’s still no confirmation which group executed the attack or if a ransom was paid.

Analysis reveals 18 of ransomware gang Black Basta’s 300-plus victims were extorted over $1 million each, with one handed over $9 million.

Ethical hackers at AppOmni claimed a $5,000 bug bounty for discovering the Zoom Rooms vulnerability, disclosed at a conference last summer.