The Lapsus$ ransomware gang is extorting Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso, the country’s largest TV channel and weekly newspaper, respectively.

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that’s beyond the reach of the user and security solutions.

Researcher Bob Diachenko found a server exposing over 6 million RedLine logs collected in August and September 2021. The threat actor likely used it to store stolen data but failed to secure it.

Earlier this week, the ACLU of Rhode Island asked RIPTA to explain why the personal information of people with no connection to the agency was included in the data breach.

A member of the AvosLocker operation told BleepingComputer today that they have no policy on who they target but usually avoid encrypting government entities and hospitals.

Attackers don’t seem to care about getting caught anymore. We have seen an increase in the temerity of cyberattacks by nation-states, such as the attack by Russian threat actors on SolarWinds.

Present Joe Biden signed the K-12 Cybersecurity Act into law, which lays out four objectives with the goal of strengthening the cybersecurity of the United States’ K-12 educational institutions.

The number of malicious dormant domains is on the rise, and as Palo Alto Networks Unit 42 researchers warn, roughly 22.3% of strategically aged domains pose some form of danger.

Amid extreme concerns of cyber warfare from Russia, Ukraine’s President Volodymyr Zelensky announced the launch of a new information security strategy policy that came into effect earlier this week.

M&A creates a period of transition, where new ownership and management teams are coming into or out of their roles. This transitional phase presents a perfect opportunity for cybercriminals to attack.