Subscribe
Subscribe to Newsletter

Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • Hacker Compromises FBI Server to Send Fake Emails

    Hackers got into an email server at the FBI over the weekend to spread fake messages in an attempt to blame a cybersecurity expert for non-existent attacks, apparently in hopes of damaging his reputation. According to intelligence organization Spamhaus and subsequent reports, the hackers sent out emails with the false accusations in two waves to…

  • DDoS Attacks Skyrocket, Kaspersky Researchers Say

    Distributed denial of service (DDoS) attacks soared in the third quarter, giving organizations yet another cyber threat to worry about. Kaspersky researchers reported that total attacks were up by about a third from the second quarter. Even the slowest days saw 500 DDoS attacks; the busiest day, Aug. 18, saw a whopping 8,825 attacks. Kaspersky…

  • Arrest in Kaseya Attack Highlights Government Ransomware Progress

    U.S. law enforcement officials this week announced the indictments of a Ukrainian national and a Russian citizen in connection with ransomware campaigns by the recently shuttered REvil cybercriminal group, including the high-profile attack on IT software vendor Kaseya earlier this year. The indictments followed an announcement by European officials that they had arrested five REvil…

  • U.S. State Department Puts $10 Million Bounty on DarkSide Ransomware Group

    The United States government is putting a $10 million bounty on the leaders of the DarkSide cybercriminal organization, the ransomware group behind the attack earlier this year on Colonial Pipeline that caused major gas shortages and long lines at filling stations in the Southeast. The reward, announced this week by the State Department, is the…

  • MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

    It’s been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities. CISA ordered federal agencies to patch a list of nearly 300 vulnerabilities, and encouraged private organizations to fix them too. CISA said the list will be updated as any vulnerability meets three…

  • Fake Company Sheds Light on Ransomware Group Tactics

    Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. This followed reports that Russia may or may not be cracking down on ransomware groups, which followed…

  • ‘Trojan Source’ a Threat to All Source Code, Languages

    Researchers have outlined a method that could be used by bad actors to push vulnerabilities into source code that are invisible to human code reviewers. In a paper released this week, two researchers at the University of Cambridge in the UK wrote that the method – which they dub “Trojan Source” – essentially can be…

  • SolarMarker Attackers Use SEO Poisoning to Push Malicious Code

    Cybercriminals leveraging the SolarMarker .NET-based backdoor are using a technique called SEO poisoning to drive malicious payloads into victims’ systems so they can gain access to the credentials and data within. According to researchers at Menlo Security, the SolarMarker campaign is one of two such efforts they’ve seen in recent months using SEO poisoning to…

  • SolarWinds Attackers Targeting Resellers, Service Providers: Microsoft

    The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week. In a blog post, Tom Burt, corporate vice president of customer security and trust at Microsoft, wrote that the hacker group…

  • Multi-Party Cyberattacks Lead to Big Losses: Security Researchers

    The attacks on SolarWinds and Kaseya over the past year put a spotlight on how an attack on a single company can have downstream consequences on the victim’s partners and customers. The attackers used the entry they gained into the companies to fan out into businesses and government agencies, stealing data and forcing some to…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List