As per a study by Netskope, most (66.4%) of malware instances in Q2 2021 started with cloud storage apps. They were followed by collaboration apps and development tools at 8.5% and 7.8%, respectively.

The Tamil Nadu state government’s Public Department was the victim of a ransomware attack on Sept. 18-19, Neeraj Mittal, principal secretary at the state’s IT department, confirmed to IANS.

REvil leadership did indeed create a backdoor that enabled them to cut off ransom negotiations between victims and the gang’s own affiliates and pocket the entire ransom payment.

The Global Commission on the Stability of Cyberspace (GCSC) is worried its guidance on preventing the internet and all it connects becoming a casualty of war is being misinterpreted.

The proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher.

Flagged by researchers Erye Hernandez and Clément Lecigne of Google’s Threat Analysis Group and Ian Beer of Google Project Zero, the vulnerability is a type confusion issue found in XNU, the kernel of Apple’s macOS and iOS operating systems.

Guardicore security researcher Amit Serper has discovered a severe design bug in MIcrosoft Exchange’s autodiscover – a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords.

The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile European Union officials, journalists, and the general public.

The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.”

The vulnerability could potentially allow a remote unauthenticated attacker the ability to delete arbitrary files from an SMA 100 series appliance and gain administrator access to the device.