Subscribe
Subscribe to Newsletter

Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • Cloudflare: Mirai Botnet Launched Record-Breaking DDoS Attack

    Cloudflare last month fought off a massive distributed denial-of-service (DDoS) attack by a botnet that was bombarding 17.2 million requests per second (rps) at one of the internet infrastructure company’s customers in the financial services space. The attack was almost three times larger than any previous attack that Cloudflare is aware of, according to Omar…

  • Attackers Exploit Flaw that Could Impact Millions of Routers, IoT Devices

    Cybercriminals using an IP address in China are trying to exploit a vulnerability disclosed earlier this month to deploy a variant of the Mirai malware on network routers affected by the vulnerability, according to researchers with Juniper Threat Labs. In a recent blog post, the researchers said the bad actors are looking to leverage a…

  • Malvertising Campaign Targets IoT Devices: GeoEdge

    A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers ad security and quality solutions to online and mobile advertisers. The executives said the “malvertising” campaign – which was uncovered by GeoEdge’s…

  • Supply Chain Flaws Found in Python Package Repository

    Administrators overseeing the Python Package Index (PyPI) in recent days found themselves responding to vulnerabilities found in the repository of open source software, the latest security problems to hit the Python community. Most recently, the PyPI group sent out fixes for three vulnerabilities that were discovered by security researcher RyotaK and published on his blog.…

  • Free Ransomware Decryption Site Celebrates Milestone as New Threats Emerge

    As Europol celebrated the fifth anniversary of its anti-ransomware initiative this week, menacing new ransomware threats made it clear that the fight against cyber threats is never-ending. The EU law enforcement cooperation agency said its No More Ransom website has saved ransomware victims almost a billion Euros with free ransomware decryption tools. Europol has launched…

  • What are Common Types of Social Engineering Attacks?

    Social engineering is a common technique that cybercriminals use to lure their victims into a false sense of security. Usually, social engineering involves impersonation, deception, and psychological manipulation that ultimately creates an environment where a victim feels either comfortable or pressured to share sensitive information or perform a specific action. As social engineering tactics become…

  • FBI, CISA Reveal Most Exploited Vulnerabilities

    The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) joined counterparts in the UK and Australia today to announce the top 30 vulnerabilities exploited since the start of the pandemic. The list, a joint effort with the Australian Cyber Security Centre (ACSC) and the UK’s National Cyber Security Centre (NCSC), details vulnerabilities –…

  • LemonDuck Shows Malware Can Evolve, Putting Linux and Microsoft at Risk

    The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft. At the same time,…

  • Kaseya Breach Underscores Vulnerability of IT Management Tools

    Managed service providers (MSPs) have long relied on third-party software to manage clients’ IT infrastructure, but a massive ransomware attack launched over the weekend at customers of Kaseya will likely cause MSPs to take a harder look at the security of their IT suppliers. Kaseya revealed late Friday night that a zero-day vulnerability in its…

  • LinkedIn Hack is Scraped Data, Company Claims

    A hacker who recently offered 700 million LinkedIn records for sale alarmed LinkedIn users and security specialists, but the company insists the data is linked to previously reported scraped data and wasn’t hacked. The RaidForums post offering the data included a sample users’ full names, genders, birthdates, LinkedIn user names, Facebook user names, Twitter user…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List