SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.

Through the first half of 2022, 34 percent of all unique phishing attacks tracked by the researchers impersonated financial services brands. The next most popular industry for criminals to abuse ...

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.

With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released,” researchers have determined that Lockbit was by far ...

One phishing campaign tracked by researchers appear to abuse an Amazon service called Amazon Simple Email Service (SES), designed to let developers send email messages from apps. The campaign ...

Weakness in Drone Protocol The ExpressLRS protocol utilizes what is called a “binding phrase,” a kind of identifier that ensures the correct transmitter is talking to the correct receiver. The ...

The notorious FIN7 cybercrime gang, a financially motivated group, is spreading a backdoor called Lizar under the guise of being a Windows pen-testing tool for ethical hackers.

Microsoft’s Spam Confidence Level (SCL) – a measure of the perceived legitimacy of any given email – assigned these malicious emails a score of ‘-1.’ In SCL, -1 is the lowest possible ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.

Here’s what cybersecurity watchers want infosec pros to know heading into 2022. No one could have predicted the sheer chaos the cybersecurity industry would experience over the course of 2021 ...

Other stealers use Discord as their messaging platform of choice for storing stolen data. One stealer observed by Intel 471, known as Blitzed Grabber, uses Discord’s webhooks feature to deposit ...