The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves ...

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal ...

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report.

Phishing emails target a bank's users with malware - and make their landing page look more legitimate with fake Google reCAPTCHAs.

Attackers are using an under-the-radar PowerPoint file to hide malicious executables that can rewrite Windows registry settings to take over an end user’s computer, researchers have found.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Adobe patched 36 flaws, including critical vulnerabilities in Acrobat and Reader and its DNG Software Development Kit.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates ...