Written By Shane Schick

Collection #1 Data Breach Exposes Nearly 733 Million Records, Highlighting Need for Multifactor Authentication

The Collection #1 data breach, which exposed nearly 733 million unique email messages and 21 million passwords, underscores the urgent need for enterprises to adopt multifactor authentication.

University of Maryland Researchers Use Audio Files and AI to Defeat reCaptcha Challenges

University of Maryland researchers warn that with limited resources, threat actors could launch a successful cyberattack on Google's bot-detecting reCaptcha service.

The Dark Overlord Claims to Have Stolen Secrets of 9/11 Attacks in Law Firm Data Breach

The threat group known as The Dark Overlord has claimed responsibility for a law firm data breach involving files allegedly related to the 9/11 terrorist attacks.

New Variant of Mirai Malware Exploits Weak IoT Device Passwords to Conduct Brute-Force Attacks

Security researchers discovered a new variant of Mirai malware known as Miori that is targeting internet of things (IoT) devices to integrate into a larger botnet.

Threat Actors Utilize Spear Phishing Emails Impersonating US Department of State Employees

Microsoft Windows Defender Research discovered an attack campaign that utilized spear phishing emails impersonating U.S. Department of State employees to gain remote access to victims' machines.

Malspam Campaign Impersonates UK Businesses to Target Victims With Banking Trojan

Security researchers discovered a malspam campaign targeting British computer users with the Ursnif/Gozi/ISFB Trojan.

Magecart Group’s Use of Credit Card-Skimming JavaScript Attack on the Rise

An online retailer was hit by a JavaScript attack from a group associated with Magecart, a collective of cybercriminals that specializes in skimming credit card numbers from compromised websites.

SNAKEMACKEREL Group Uses Brexit-Themed Spear Phishing Attack to Target Government Agencies

Analysts discovered a new spear phishing attack campaign from the SNAKEMACKEREL group that uses fake Brexit-related documents to infiltrate major government agencies and steal information.

KingMiner Maxes Out Windows Server CPUs in Widespread Cryptomining Campaign

Researchers detected a cryptomining campaign brute-forcing IIS/SQL Microsoft servers using 100 percent of victims' compute resources.

FakeSpy And XLoader Mobile Malware May Come From Yanbian Gang

Security researchers revealed that two mobile malware threats, Xloader and FakeSpy, may have been developed and launched by the same cybercriminal group.