Threatpost

Cybercriminal gang Darkside sent $20K in donations to charities in a ‘Robin Hood’ effort that’s likely intended to draw attention to future data dumps, according to experts.

The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.

Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.

Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth.

A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched.

With Stanford research showing that nearly half of the U.S. labor force is now working from home full-time, insider threats are a much more difficult problem.

The company already patched an API flaw that allowed a security researcher to use the app to find the real identity of drivers using it.

"Nuke Bizzle" faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, "EDD."

DOJ charges six Russian nationals for their alleged part in the NotPetya, Ukraine power grid and Olympics cyberattacks.

The espionage tool masquerades as legitimate applications and robs victims blind of their data.

Brazilians are warned of a new Vizom malware masquerading as video conferencing and browser software.

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours.

A new threat report shows that APTs are switching up their tactics when exploiting Microsoft services like Exchange and OWA, in order to avoid detection.

In both cases, cybercriminals claim to have reams of information for the popular gaming titles.

The shift to remote working spurred Microsoft and Amazon to the top of the heap for cybercriminals to use as lures in the third quarter.

Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams -- all with the same infrastructure.

The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution.

Google's Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden's presidential campaign.

Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.