Threatpost

When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics.

Data exposed included search terms, location coordinates, and device information - but no personal data.

The deadline looms for U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability.

Anyone on the same Wi-Fi network can force websites to launch, with no user interaction.

A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.

With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.

Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.

Enterprise security teams are "drowning in alerts."

As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.

Maze continues to adopt tactics from rival cybercrime gangs.

Mozi’s spike comes amid a huge increase in overall IoT botnet activity.

Release of iOS 14 and iPadOS 14 brings fixes 11 bugs, some rated high-severity.

The official app store is taking on spy- and surveillance-ware, along with apps that could be used to mount political-influence campaigns.

Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.

The attack on the Newhall District in Valencia is part of a wave of ransomware attacks on the education sector, which shows no sign of dissipating.

The China-linked threat group RedDelta has continued to launch cyberattacks against Catholic institutions since May 2020 until as recently as last week.

More people being online during lockdowns and work-from-home shifts has proven to be lucrative for DDoS-ers.

The two hackers allegedly hacked more than 50 websites hosted in the U.S. and vandalized them with pro-Iran messages.

Cynet's report shares several interesting data points and findings, such as the cyberattack volume change observed in various industry sectors, the increased use of spearphishing as an initial attack vector, and the approaches being used to distribute malware in spearphishing attacks.

The 'BLESA' flaw affects the reconnection process that occurs when a device moves back into range after losing or dropping its pairing, Purdue researchers said.