Popular third-party chat platforms like Slack, Discord, and Telegram are just a few of the many new productivity applications that are being hijacked by cybercriminals to create command-and-control (C&C) communications infrastructures for their malware campaigns. As corporate security teams become more aware of traditional malware threats and deploy new security solutions to defend against them, […]

Ransomware — the malware that encrypts all your data and makes you pay a ransom in order to (hopefully) get it back — is the big new threat. So you need to know everything you can about it. Read more

Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors have made patches available today, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should

When Edward Snowden walked out of the NSA in 2013 with thumb drives full of its most secret files, the agency didn’t have a reliable list of people—like Snowden—who had privileged access to its networks. Nor did it have a reliable list of those who were authorized to use removable media to transfer data to

Canadian hacker Karim Baratov, accused of working with Russian intelligence agents in the 2014 Yahoo breach, may deny the right to fight a US extradition request, Reuters reports, citing the cybercriminal’s lawyer. Read more

Britain’s cyber security skills gap has shrunk by more than a third in the last two years thanks to a surge in interest from potential candidates, according to job site Indeed. Researchers tracked the number of cyber security roles advertised and the number of clicks from candidates to gauge the mismatch between supply and demand,

A huge trove of voter data, including personal information and voter profiling data on what’s thought to be every registered US voter dating back more than a decade, has been found on an exposed and unsecured server, ZDNet has learned. Read more

The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year’s total. Honeypots laid out by Kaspersky Lab researchers mimicking a number of connected devices running Linux have attracted more than 7,200 different malware samples through May, all bent on infecting connected devices

In a recent automated attack, a large bot army hacked into accounts using brute-force methodology and a highly accurate username and password list. PerimiterX researchers discovered that by overwhelming sites with requests from a network of tens of thousands of Internet of Things devices such as Canon printers and network devices, and with each bot

A form of banking Trojan malware has evolved a new attack technique and is using infected machines as control servers – even after its ability to steal data has been removed by security products. Qakbot is a worm which can spread through the networks and is capable of stealing credentials, opening a backdoor on the