Threatpost

The Ryuk scourge has a new trick in its arsenal: Self-replication via SMB shares and port scanning.

A snapshot of the 2020 mobile threat landscape reveals major shifts toward adware and threats to online banks.

Gootloader has expanded its payloads beyond the Gootkit malware family, using Google SEO poisoning to gain traction.

The Distributed Denial of Secrets group claim they have received more than 70 gigabytes of data exfiltrated from social media platform Gab.

Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.

Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.

COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware.

A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies.

Sneaker bots are scooping up the new Yeezy "Ash Blue" and "Quantum" shoes to resell at a huge markup.

From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.

Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor.

Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device.

Vietnam joins the ranks of governments using spyware to crack down on human-rights defenders.

A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.

The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.

Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.

Quickbooks malware targets tax data for attackers to sell and use in phishing scams.

Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.

The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed to take over a system.

The hotly anticipated GeForce RTX 3060, a ray-tracing-friendly, advanced gaming graphics chip, will also throttle Ethereum mining.