Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure, according to company researchers. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks.
Microsoft and the Cybersecurity and Infrastructure Security Agency have issued warnings that a critical vulnerability in Windows Server dubbed "Zerologon" is being actively exploited in the wild. They urge users to immediately apply an available partial patch.
Facebook is again cracking down on fake accounts and pages linked to a Russian IRA troll farm or the country's military intelligence units that were being used for disinformation campaigns. Meanwhile, the FBI issued a fresh warning that threat actors are attempting to target U.S. voting infrastructure.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
The U.S. National Institute of Standards and Technology this week released a long-awaited guidance update, Special Publication 800-53 Revision 5, describing "next-generation security and privacy controls" and how to use them.
Shopify's announcement this week that two employees inappropriately accessed transactional data from 200 of the merchants that use its e-commerce platform demonstrates the importance of taking a "zero trust" approach to security and improving identity and access management capabilities, security experts say.
As the tally of reported heath data breaches related to the May ransomware attack on Blackbaud continues to climb, so do the number of lawsuits filed against the cloud-based fundraising software vendor.
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
The shift to online shopping - and card-not-present transactions - during the COVID-19 pandemic has driven fraudsters to shift their strategies, including ramping up efforts to open fraudulent accounts, says Gord Jamieson of Visa, who offers advice on mitigating the risks.
In an in-depth interview, Denyette DePierro of the American Bankers Association provides an overview of emerging regulatory issues, cloud security challenges and the use of social media apps for payments.
With less than 45 days to go before the November election, the FBI and CISA have issued a warning that nation-state hackers and cybercriminals may attempt to spread disinformation regarding the final vote tallies as a way to undermine confidence in the voting process.
With colder weather, the flu season and the holidays ahead, the northern hemisphere is at risk of another major COVID-19 outbreak. Pandemic expert Regina Phelps says it's time to change behavior, and that starts here: "Live like you're contagious."
A member of the now-defunct "Silk Road" darknet marketplace surrendered to authorities this week and immediately pleaded guilty to making false statements to federal agents regarding his involvement with the creation of the notorious website, according to the Justice Department.
The U.S. Cybersecurity and Infrastructure Security Agency is warning of an uptick in attacks using LokiBot, an information stealer capable of sweeping up credentials. Fraudsters are using new methods to spread the malware.