Threatpost

Ransomware actors are turning their sights on larger enterprises, making both average cost and downtime inflicted from attacks skyrocket.

The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.

The newly-introduced bill targets the Patriot Act's Section 215, previously used by the U.S. government to collect telephone data from millions of Americans.

The honeypot demonstrates the various security concerns plaguing vulnerable industrial control systems.

The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.

The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

The malware uses thousands of partner websites to spread malvertising code.

The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.

New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.

The competition targets the systems that run critical infrastructure and more.

A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn't going away anytime soon.

The newest version of the sLoad malware dropper comes equipped with infection tracking capabilities and an anti-analysis trick.

The trove of information is potentially a scammer's bonanza.

Palo Alto Networks’ Unit 42 researchers observed a variant of the wormlike botnet that adds scanner technology to brute-force Web authentication.

More than half of security experts think that the good outweighs the bad when it comes to proof-of-concept exploits, according to a recent Threatpost poll.

A sophisticated malware-as-a-service phishing kit includes full customer service and anti-detection technologies.

Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products.

New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.

CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.