Threatpost

Ransomware group releases decryptors for nearly 3,000 victims, forfeiting millions in payouts.    

Ransomware gangs are increasingly buying their way into corporate networks, purchasing access from 'vendors' that have previously installed backdoors on targets.

An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios.

A supply-chain component lays open camera feeds to remote attackers thanks to a critical security vulnerability.

SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware.

Varied cloud infrastructure was used to phish email credentials, monitor for and forward finance-related messages and automate operations.

Forcepoint’s Michael Crouse talks about risk-adaptive data-protection approaches and how to develop a behavior-based approach to insider threats and risk, particularly with pandemic-expanded network perimeters.

Forcepoint’s Nico Fischbach, global CTO and VPE of SASE, and Chase Cunningham, chief strategy officer at Ericom Software, on using SASE to make Zero Trust real.

Decision throws out previous ruling in favor of hiQ Labs that prevented Microsoft’s business networking platform to forbid the company from harvesting public info from user profiles.

Apple patched two bugs impacting its Safari browser WebKit engine that it said are actively being exploited.

Utilities’ vulnerability to application exploits goes from bad to worse in just weeks.  

Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services.

An analysis of the campaign revealed Cyberium, an active Mirai-variant malware hosting site.

Nearly all of the leaked data was for owners or wannabe owners of the automaker’s luxury brand of Audis, now at greater risk for phishing, ransomware or car theft.

A trio of security flaws open the door to remote-code execution and a malware tsunami.

Purchase automation software delivered shortened URLs without protections.

"We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote.

CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer.

Airlines are warned to scour networks for traces of the campaign, likely the work of APT41, lurking in networks.

There were more than 80 million login credentials for sale, used to inflict over $200 million in losses in the U.S. alone.