Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack.
Google has announced the Auto Update Expiration (AUE) date will be extended from 5 years to 10 for all Chromebooks, guaranteeing a decade of monthly security updates.
Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is causing recent service outages that prevent trucking companies from managing their fleets.
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.
The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident, impacting a wide range of customer services.
Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it paid a ransom to avoid the online leak of customer data stolen in a recent cyberattack.
Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023.
Security researcher Gabe Kirkpatrick has made a proof-of-concept (PoC) exploit available for CVE-2023-38146, aka "ThemeBleed," which enables attackers to trigger arbitrary remote code execution if the target opens a specially crafted '.theme' file.
United Kingdom's Greater Manchester Police (GMP) said earlier today that some of its employees' personal information was impacted by a ransomware attack that hit a third-party supplier.
Criminal IP, a cyber threat intelligence search engine, has achieved PCI DSS Level 1 certification. Learn more from Criminal IP about their cyber threat intelligence search engine.
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware.
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks.
The Agence Nationale des Fréquences (ANFR) has asked Apple to withdraw iPhone 12 smartphones from the French market because the device emits radiofrequency energy that is beyond the limit permitted to be absorbed by the human body.
Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations.
Training end-users to spot phishing has its benefits, but it's clear to see organizations as a whole have failed to make a dent in phishing attacks. Learn more from Specops Software on how phishers use social engineering to exploit human psychology.
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network.
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers.
Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks.