Online Security

Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the …

Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property …

Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. …

Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges …

A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators …

Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk …

In the classic children’s movie ‘The Princess Bride,’ one of the characters utters the phrase, “You keep using that word. I do not think it means what you think it …

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that’s actively set its sights on government, telecommunications, information technology, and financial …

A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in …

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as …

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company’s …

The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat supports and develops CentOS, Red Hat suddenly announced that it’s …

The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of …

The work-from-anywhere economy has opened up the possibility for your human resources team to source the best talent from anywhere. To scale their operations, organizations are leveraging the cloud to …

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability …

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to …

Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with “high confidence” to a threat …