Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.
U.S. law enforcement officials this week announced the indictments of a Ukrainian national and a Russian citizen in connection with ransomware campaigns by the recently shuttered REvil cybercriminal group, including the high-profile attack on IT software vendor Kaseya earlier this year. The indictments followed an announcement by European officials that they had arrested five REvil…
The United States government is putting a $10 million bounty on the leaders of the DarkSide cybercriminal organization, the ransomware group behind the attack earlier this year on Colonial Pipeline that caused major gas shortages and long lines at filling stations in the Southeast. The reward, announced this week by the State Department, is the…
It’s been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities. CISA ordered federal agencies to patch a list of nearly 300 vulnerabilities, and encouraged private organizations to fix them too. CISA said the list will be updated as any vulnerability meets three…
Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. This followed reports that Russia may or may not be cracking down on ransomware groups, which followed…
Researchers have outlined a method that could be used by bad actors to push vulnerabilities into source code that are invisible to human code reviewers. In a paper released this week, two researchers at the University of Cambridge in the UK wrote that the method – which they dub “Trojan Source” – essentially can be…
Cybercriminals leveraging the SolarMarker .NET-based backdoor are using a technique called SEO poisoning to drive malicious payloads into victims’ systems so they can gain access to the credentials and data within. According to researchers at Menlo Security, the SolarMarker campaign is one of two such efforts they’ve seen in recent months using SEO poisoning to…
The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week. In a blog post, Tom Burt, corporate vice president of customer security and trust at Microsoft, wrote that the hacker group…
The attacks on SolarWinds and Kaseya over the past year put a spotlight on how an attack on a single company can have downstream consequences on the victim’s partners and customers. The attackers used the entry they gained into the companies to fan out into businesses and government agencies, stealing data and forcing some to…
The bulk of companies hit by ransomware are deciding that paying the ransom is the best and fastest way to get their businesses back online, despite growing pressure from the federal government and some in industry to not give in to the cybercriminals’ demands. A report this week by researchers at ThycoticCentrify – the result of…
Recent news headlines have shown how vulnerable even large companies with many resources at their disposal are to ransomware. While these attacks may feel inevitable, there are measures that businesses can take to protect themselves. One vendor says application security may be the key to stopping ransomware. Preventing Ransomware with Application Security How ransomware accesses…