2FA Bypassed in $34.6M Heist
Critical Cisco StarOS Bug Grants Root Access via Debug Mode
Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug
Pervasive Apple Safari Bug Exposes Web-Browsing Data, Google IDs
Red Cross Begs Attackers Not to Leak Stolen Data for 515K People
SEC Filing Reveals Fortune 500 Firm Targeted in Ransomware Attack
Jail for prolific romance fraudster who fleeced besotted lonely hearts
Smashing Security podcast #258: Tesla remote hijacks and revolting YouTubers
Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say
Box 2FA Bypass Opens User Accounts to Attack
Beijing Olympics App Flaws Allow Man-in-the-Middle Attacks
Cloned Dept. of Labor Site Hawks Fake Government Contracts
Nine-year-old kids are launching DDoS attacks against schools
Will 2022 Be the Year of the Software Bill of Materials?
The Log4j Vulnerability Puts Pressure on the Security World
Cybercriminals Actively Target VMware vSphere with Cryptominers
‘White Rabbit’ Ransomware May Be FIN8’s Latest Tool
Critical ManageEngine Desktop Server Bug Opens Orgs to Malware
Organizations Face a ‘Losing Battle’ Against Vulnerabilities
A bad day in the office for the REvil ransomware gang, as Russia arrests 14 members
Data-wiping malware hitting Ukrainian computers displays fake ransom demand
Top Illicit Carding Marketplace UniCC Abruptly Shuts Down  
Real Big Phish: Mobile Phishing & Managing User Fallibility
Critical Cisco Contact Center Bug Threatens Customer-Service Havoc
‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites
Talking cyber on the ManageEngine Insights podcast
Russian Security Takes Down REvil Ransomware Gang
Three Plugins with Same Bug Put 84K WordPress Sites at Risk
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
Microsoft Yanks Buggy Windows Server Updates
North Korean APTs Stole ~$400M in Crypto in 2021
US Military Ties Prolific MuddyWater Cyberespionage APT to Iran
New GootLoader Campaign Targets Accounting, Law Firms
Hackers are posting out malicious USB drives to businesses
Smashing Security podcast #257: Pokemon-hunting cops and the Spine Collector scammer
Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft
Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign
Stolen TikTok Videos, Bent on Fraud, Invade YouTube Shorts
New York AG Warns 17 Firms of Credential Attacks
Hackers raided Panasonic server for months, stealing personal data of job seekers
Phishers Rip Off High-Profile EA Gamers
Here’s REALLY How to Do Zero-Trust Security
Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days
MacOS Bug Could Let Creeps Snoop On You
WordPress Bugs Exploded in 2021, Most Exploitable
FIN7 Mails Malicious USB Sticks to Drop Ransomware
‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS
Critical SonicWall NAC Vulnerability Stems from Apache Mods
Hacking group accidentally infects itself with Remote Access Trojan horse
Millions of Routers Exposed to RCE by USB Kernel Bug