2.5 million people were affected, in a breach that could spell more trouble down the line. EdFinancial and the Oklahoma Student Loan Authority (OSLA) are notifying over 2.5 million loanees that ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by far ...

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

Networking giant says attackers gained initial access to an employee’s VPN client via a compromised Google account. Cisco Systems revealed details of a May hack by the Yanluowang ransomware ...

Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being exploited in the wild. The bug (CVE-2022-34713) is tied to a Microsoft Windows Support Diagnostic ...

Other stealers use Discord as their messaging platform of choice for storing stolen data. One stealer observed by Intel 471, known as Blitzed Grabber, uses Discord’s webhooks feature to deposit ...

Through the first half of 2022, 34 percent of all unique phishing attacks tracked by the researchers impersonated financial services brands. The next most popular industry for criminals to abuse ...

Weakness in Drone Protocol The ExpressLRS protocol utilizes what is called a “binding phrase,” a kind of identifier that ensures the correct transmitter is talking to the correct receiver. The ...

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks.

Attackers can target iPhones even when they are turned off due to how Apple implements standalone wireless features Bluetooth, Near Field Communication (NFC ) and Ultra-wideband ( UWB ...

Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.