Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

APT actor ToddyCat hits government and military targets in Europe and Asia

The previously undocumented APT group has been targeting high-profile organizations in Asia and Europe for over a year.

Space-based assets aren’t immune to cyberattacks

Russia's attack on Viasat satellites exposed how vulnerable space-based assets are and the potential for spillover damage.

New peer-to-peer botnet Panchan hijacks Linux servers

The botnet built by the platform-independent worm malware currently enables cryptomining.

11 infamous malware attacks: The first and the worst

Whether by dumb luck or ruthless skill, these malware attacks left their mark on the internet.

How the Colonial Pipeline attack has changed cybersecurity

On the one-year anniversary of the Colonial Pipeline attack, industry insiders reflect on the event's effect on cybersecurity practice and perception.

OPM's $63 million breach settlement offer: Is it enough?

The nature and scope of the data stolen in the U.S. Office of Personnel Management breach present a life-long risk to victims, who might get as little as $700 if the court accepts the settlement.

Microsoft gives mitigation advice for Follina vulnerability exploitable via Office apps

The actively exploited flaw allows attackers to use malicious Word documents to perform remote code execution through Microsoft Support Diagnostic Tool.

Conti ransomware explained: What you need to know about this aggressive criminal group

The Conti ransomware group is less likely to help victims restore encrypted files and more likely to leak exfiltrated data.

Uber CISO's trial underscores the importance of truth, transparency, and trust

The criminal trial offers a lesson in the value of both CISOs and organizations adhering to a policy of truth, transparency and trust when it comes to security.

China's cyber espionage focus: intellectual property theft

The recently uncovered Operation CuckooBees campaign shows how serious China is about using IP theft as a competitive advantage. Protect IP now or chase it later.

Five Eyes nations warn MSPs of stepped-up cybersecurity threats

The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.

A year later, Biden’s cybersecurity executive order driving positive change

Notable experts say the cybersecurity executive order has improved the nation's security posture, but more work is to be done.

Threat hunters expose novel IceApple attack framework

Suspected state-sponsored threat actor uses IceApple to target technology, academic and government sectors with deceptive software.

Stealthy Linux implant BPFdoor compromised organizations globally for years

The China-linked backdoor takes advantage of the Berkeley Packet Filter on Unix systems to hide its presence.

HackerOne launches Attack Resistance Management solution to boost cyber resilience

Vulnerability coordination and bug bounty platform says its new solution addresses attack resistance gaps by blending the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement.

Zero-click attacks explained, and why they are so dangerous

Zero-click attacks, especially when combined with zero-day vulnerabilities, are difficult to detect and becoming more common.

Chinese APT group Mustang Panda targets European and Russian organizations

Latest campaigns by Mustang Panda highlight the threat actor's versatility in terms of the tools and techniques it is able to use.

Chinese APT group Winnti stole trade secrets in years-long undetected campaign

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection.
