Researchers are warning that many domain name system server implementations are vulnerable to a spoofing attack that allows attackers to redirect, intercept and manipulate traffic. Thankfully, fixes are already arriving for this so-called SAD DNS flaw.
Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says.
Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet.
A recently uncovered banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky.
Louis Marinos of the European Cybersecurity Agency offers an analysis of the agency's new Threat Landscape 2020 report, which shows how cybercriminals have been advancing their capabilities, adapting quickly and targeting victims.
The good news: U.S. election security measures seem to have worked. The bad news: Disinformation and misinformation campaigns continue. Tom Kellermann, who served as a cybersecurity adviser to President Obama, offers advice for President-elect Joe Biden and others on protecting critical infrastructure.
Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system.
Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency are urging local government agencies to patch the Netlogon vulnerability known as Zerologon ahead of next Tuesday's presidential election to improve security. A "small number" of attacks exploiting the flaw are continuing, Microsoft says.
U.S Cyber Command and the Cybersecurity and Infrastructure Security Agency have issued warnings about two Russian hacking groups that are using updated malware to target government agencies around the world.
Turla, a hacking group based in Russia, is deploying a revamped set of customized tools to target potential victims, including a European government agency, for its espionage campaigns, according to Accenture.
The operators behind the Ryuk strain of malware are increasingly relying on a malware-as-a-service tool - the Buer loader - to deliver the malware, rather than botnets such as Trickbot and Emotet, the security firm Sophos reports.
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI have issued an alert providing details on the activities of a North Korean hacking group dubbed Kimsuky. The group, which has primarily focused on South Korean targets, has also conducted espionage campaigns in the U.S. and Japan.
Online disinformation campaigns by nation-state actors are the biggest cyberthreat to the U.S. election as hackers attempt to influence final vote tallies as a way to undermine confidence, according to a Digital Shadows report. Russian hackers are most active, followed by Iran and China.