An automated TDoS attack makes use of VoIP software and Session Initiation Protocol (SIP) to make tens or hundreds of calls, simultaneously or in rapid succession to jam targeted services.

Researchers discovered two pieces of malware in a span of two weeks that appear to run natively on Apple’s recently introduced M1 System-on-Chip (SoC).

Security researchers at Detectify have discovered a series of middleware misconfigurations in Nginx config files from GitHub that could leave web applications vulnerable to attack.

Kasablanca, a hacker group, has targeted cyberattacks on at least six well-known Bangladeshi financial and government organizations, says the e-Government Computer Incident Response Team (e-Gov CIRT).

One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others and the hack struck at about 100 U.S. companies and nine federal agencies.

MalwareBytes reported a newly discovered threat group named LazyScripter targeting the International Air Transport Association (IATA) members, airlines, and refugees to Canada.

The feature is included in the web browser’s latest release — alongside multiple picture-in-picture views — and essentially works by keeping cookies isolated between each site you visit.

The number of ransomware attacks targeting universities has doubled over the past year and the cost of ransomware demands is going up as information security teams struggle to fight off cyberattacks.

The attack chain begins with the exploit of remote code execution (RCE) vulnerabilities impacting software including Hadoop Yarn and Elasticsearch, such as CVE-2015-1427 and CVE-2019-9082.

A joint cybersecurity advisory from the U.S. government is warning against AppleJeus malware, the Lazarus group’s new development, that masquerades as crypto trading software.