The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.

QNAP has extended support and will keep issuing security updates for some end-of-life (EOL) network-attached storage (NAS) devices until October 2022.

The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations.

Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack.

The Security Service of Ukraine (SSU) today said the country is the target of an ongoing "wave of hybrid warfare," aiming to instill anxiety and undermine Ukrainian society's confidence in the state's ability to defend its citizens.

Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks.

Mozilla has removed the Yandex Search, Mail.ru, and OK.ru default search providers from the Firefox browser over reports of state-sponsored content favored in search results.

BSI, the federal cybersecurity authority in Germany, has issued a public statement to warn critical entities in the country against using Kaspersky antivirus software products.

Large-scale phishing activity using hundreds of domains to steal credentials for Naver, a Google-like online platform in South Korea, shows infrastructure overlaps linked to the TrickBot botnet.

Russia faces a critical IT storage crisis after Western cloud providers pulled out of the country, leaving Russia with only two more months before they run out of data storage.

The U.S. Federal Trade Commission (FTC) wants to slap the former owner of the CafePress custom t-shirt and merchandise site with a $500,000 fine for failing to secure its users' data and attempting to cover up a significant data breach impacting millions.

Security researchers tracking the mobile app ecosystem have noticed a recent spike in trojan infiltration on the Google Play Store, with one of the apps having over 500,000 installs.

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies.

The FBI says Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.

The ransomware space was very active in the last quarter of 2021, with threat analysts observing 722 distinct attacks deploying 34 different variants.

Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after the company erroneously blocked their bug bounty payouts following sanctions imposed on Russia and Belarus in the wake of Ukraine's invasion.

OpenSSL has released a security update to address a vulnerability in the library that, if exploited, activates an infinite loop function and leads to denial of service conditions.

The Emotet malware botnet is taking advantage of the 2022 U.S. tax season by sending out malicious emails pretending to be the Internal Revenue Service sending tax forms or federal returns.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks.

Internet security analysts have spotted a spike in backdoor infections on WordPress websites hosted on GoDaddy's Managed WordPress service, all featuring an identical backdoor payload.

Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems.