A team of researchers at the Dutch Institute for Vulnerability Disclosure posted a pair of articles outlining how and when they found a series of vulnerabilities in the tools Kaseya provides to managed service providers (MSPs).

In a blog post, Rapid7 researchers said the vulnerabilities were fixed according to Rapid7’s vulnerability disclosure process and were patched in recent releases of Sage X3 Version 9.

The Federal Bureau of Investigation (FBI) warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses.

Kaspersky spotted WildPressure APT group deploying a new malware to target businesses in the oil and gas sector, through both Windows and macOS systems. Experts also noted some similarities in the techniques of the WildPressure APT and BlackShadow, which also targets organizations in the Middle East. The observation, however, wasn’t enough to come to any attribution […]

The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers.

Fake-account creation and utilizing fake accounts is a problem for not only social-media platforms but almost any enterprise that has a system that collects accounts for any purpose.

CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.

Conti is developed and maintained by the so-called TrickBot gang, and it is mainly operated through a RaaS affiliation model. The Conti ransomware is derived from the codebase of Ryuk.

The REvil ransomware gang’s attack on MSPs and their customers last week outwardly should have been successful, yet changes in their typical tactics and procedures have led to few ransom payments.

According to experts, the member “integra” has joined the forum in September 2012 and has gained a high reputation over the course of time. The threat actor aims at buying malware with zero detection.