malware
Why the Belarus Railways Hack Marks a First for Ransomware
The politically motivated attack represents a new frontier for hacktivists—and won’t be the last of its kind.
Destructive Hacks Against Ukraine Echo Its Last Cyberwar
A data wiper posing as ransomware bears a discomfiting resemblance to the earlier wave of Russian cyberattacks that ended with NotPetya.
NSO Group Spyware Targeted Dozens of Reporters in El Salvador
The newly disclosed campaign shows how little the company has done to curb abuses of its powerful surveillance tools.
Hackers Are Exploiting a Flaw Microsoft Fixed 9 Years Ago
Unless you go out of your way to install the patch, your system could be exposed.
Buckle Up for More Log4j Madness
Plus: An alleged spy, a ransomware arrest, and more of the week's top security news.
Meta Ousts 7 Surveillance-for-Hire Operations From Its Platforms
While NSO Group gets most of the attention, the takedowns underscore how insidious the industry has become.
The Next Wave of Log4J Attacks Will Be Brutal
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.
Google Warns That NSO Hacking Is On Par With Elite Spy Groups
ForcedEntry is “one of the most technically sophisticated exploits” Project Zero security researchers have ever seen.
The Log4J Vulnerability Will Haunt the Internet for Years
Hundreds of millions of devices are likely affected.
How to Guard Against Smishing Attacks on Your Phone
“Smishing" is an attempt to collect logins or other sensitive information with a malicious text message—and it's on the rise.
NSO Group Spyware Hits at Least 9 US State Department Phones
The incident lays bare how hollow the surveillance company’s reassurances about the limits of its hacking tools have always been.
A Bunch of Malicious Google Play Apps Stole User Banking Info
Using tricks to sidestep the app store’s restrictions, malware operators pillaged passwords, keystrokes, and other data.
What Is a Watering Hole Attack?
It's a technique that can hit thousands of victims—through no fault of their own.
The Pentagon Has Set Up a UFO Office
Plus: An Apple lawsuit, a GoDaddy breach, and more of the week's top security news.
Devious ‘Tardigrade’ Malware Hits Biomanufacturing Facilities
The surprisingly sophisticated attack is “actively spreading” throughout the industry.
How Hackers Hijacked Thousands of YouTube Accounts
Google has shed light on a spate of attacks that turned creator channels into cryptocurrency scam livestreams.
Hundreds of Scam Apps Hit Over 10 Million Android Devices
The so-called GriftHorse campaign used clever techniques to avoid detection in Google Play for nearly a year.
Even the CIA and NSA Use Ad Blockers to Stay Safe Online
Plus: The ransomware scourge continues, a massive botnet gets wounded, and more of the week’s top security news.
Ransomware Isn't Back. It Never Left
A recent wave of attacks belies an apparent lull toward the end of the summer.
It’s a Good Day to Update All Your Devices. Trust Us
iOS, Windows, and Chrome all have zero-day vulnerabilities that hackers are going after. Now that the fixes are here, you need to install them ASAP.
Why Ransomware Hackers Love a Holiday Weekend
Looking forward to Labor Day? So are ruthless gangs of cybercriminals.
The Stealthy iPhone Hacks That Apple Still Can't Stop
After another “zero-click” attack, security experts say it's time for more extreme measures to keep iMessage users safe.
Hackers Could Up Medication Doses Through Infusion Pump Flaws
It would take a determined hacker to break into the vulnerable B. Braun products, but the impact could be devastating.
A Controversial Tool Calls Out Vulnerabilities Across the Web
PunkSpider is back, and crawling hundreds of millions of sites for vulnerabilities.