A Chinese-speaking hacking group used a rare Unified Extensible Firmware Interface bootkit dubbed "MosaicRegressor" to target nongovernment organizations and diplomatic missions with an espionage campaign for two years, the security firm Kaspersky reports.
Security researchers are warning of a fresh wave of phishing emails with election-related lures that are designed to get users to click, opening the door to spreading the Emotet botnet or harvesting users' credentials.
A new malware variant dubbed Black-T developed by the hacker group TeamTnT targets exposed Docker daemon APIs to perform scanning and cryptojacking operations, according to researchers at Palo Alto Networks' Unit 42.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
U.S. President Donald Trump's positive COVID-19 test result may expose the country to increased nation-state mischief. And without a doubt, scammers, fraudsters and disinformation teams will attempt to exploit the news for their own goals.
Microsoft has issued additional instructions on how to better implement a patch to fix an elevation of privilege vulnerability called Zerologon in Windows Server that affects the Netlogon Remote Protocol. The update comes as Cisco Talos researchers report a spike in attempts to exploit the flaw.
William Dixon of the World Economic Forum is calling for the formation of a "quantum computing security coalition" to help build trust in the technology, which could play a key role in enhancing security.
A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to reports from Zscaler and Zimperium. The Joker apps can steal SMS messages, contact lists and device information from infected smartphones.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
The U.S. Cybersecurity and Infrastructure Security Agency has issued a report describing how a threat actor apparently used a well-known VPN vulnerability and compromised Office 365 credentials to gain administrative privileges to a federal agency's network.
Microsoft and the Cybersecurity and Infrastructure Security Agency have issued warnings that a critical vulnerability in Windows Server dubbed "Zerologon" is being actively exploited in the wild. They urge users to immediately apply an available partial patch.