This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.
Stories by Lucian Constantin
FIN11, believed to be Russian-based, follows a trend of cyber criminal groups expanding their operations beyond financial crime.
New study shows that even security vendors can use outdated and vulnerable virtual appliances.
The Bahamut group targets high-value victims and takes meticulous care with its own operational security.
IPStorm's ability to infect Android, macOS and Windows devices as well as those that are Linux-based makes it much more dangerous.
Two vulnerabilities in SAP ASE's Cockpit component leaves some sensitive information available to anyone on the network.
Evilnum, a group known for targeting financial technology companies, has added new malware and infection tricks to its arsenal, researchers warn.
APT-for-hire services will broaden the scope of who is vulnerable to that type of attack. SMBs in particular need to rethink threat models.
The Qbot Trojan has been plaguing businesses for over a decade and the cyber criminals behind it are still coming up with new tricks.
Companies are moving toward a DevSecOps approach to application development, but problems remain with security testing ownership.
Research presented at Black Hat conference highlights a new threat via protocol translation attacks and reveals nine flaws found in protocol gateways.
The vulnerability can also affect Windows systems. A patch is available, but will require manual testing and deployment.
Companies are ensuring network perimeters are secure against remote attacks but they don't pay the same level of attention to internal threats.
The SIGRed vulnerability can spread malware across a network without user interaction. Microsoft has issued an urgent patch.
New Google Cloud offerings for government provide in-process data encryption and the ability to restrict storage locations, respectively.