A China-based cyber campaign dubbed “Nansh0u” has targeted tens of thousands of unsecured Windows MS-SQL and PHPMyAdmin servers worldwide.
Security experts setup a honeypot to lure attackers into an exposed insecure MySQL server and install GandCrab ransomware.
A new Mirai botnet variant has evolved to exploit 13 different vulnerabilities found on routers, surveillance products and other internet of things (IoT) devices.
A vulnerability in Facebook’s WhatsApp could allow attackers to install spyware on impacted smartphones.
Baltimore City computer network has been a victim of a ransomware attack that has taken data for hostage and knocked out city services.
Threat actors behind a cyber attack campaign DNSpionage have been changing their tactics by delivering a new malware dubbed “Karkoff” in an effort to avoid detection.
Cisco’s Talos security team has observed ongoing malware distribution campaigns that use a new version of a keylogger and password stealer “HawkEye Reborn v9.”
Researchers at FireEye have discovered links between the FIN6 cyber criminal group and LockerGoga and Ryuk ransomware used in recent cyber attacks.
A newly discovered botnet dubbed Xwo has been scanning the internet for exposed web services and default passwords. The malware was discovered by AT&T’s Alien Labs back in March and is related to malware families MongoLock and Xbash.
A new threat report warns of LockerGoga ransomware activity disrupting networks of industrial and manufacturing organizations in Norway and in the U.S.