Sift has raised $50 million in a funding round that values the company at over $1 billion. Insight Partners led the financing, which included participation from Union Square Ventures and Stripes.

On its website, the American multinational corporation has published screenshots of 14 “prominent fraudulent emails, texts, and posts” in which cyber-criminals are impersonating Costco.

As analyzed in reports from security researchers at Alibaba’s Aliyun, Juniper, and Lacework, Sysrv’s internal architecture follows the classic makeup of 99% of most botnets today.

The operators not only lock up files, but also steal data and threaten to leak it if the ransom isn’t paid, in a double-extortion gambit. They also demand multimillion-dollar ransoms.

A remote code execution (RCE) vulnerability in the central CocoaPods server could have potentially impacted up to three million mobile apps that relied on the open source package manager.

Turns out, all it takes for attackers to alter the “external sender” warning, or remove it altogether from emails is just a few lines of HTML and CSS code, as demonstrated by a researcher.

In June 2020, a user called ‘Unknown’ submitted a rather peculiar post on a popular Russian hacker forum, looking for people to join their ‘affiliate program’ which was believed to be from REvil.

As Linux attracts more attention from malicious actors, researchers have seen threats evolving — abusing services like Ngrok and using functions to hunt and kill other competing malware.

The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock markets globally.

The move comes after a group of UMN researchers were caught submitting a series of malicious code commits that deliberately introduced security vulnerabilities in the official Linux codebase.