The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups.
A cyber-espionage group believed to be operating out of China has been deploying malware in the past two years that disguises as control panel link (CPL) files.
Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic at choosing the targets they go after.
Several security firms have come forward today with evidence that shows links connecting the Bad Rabbit ransomware outbreak that happened yesterday with the NotPetya ransomware outbreak that took place at the end of June, this year.
Russian cyber-security vendor Kaspersky Lab published today a report detailing its side of events on the whole Kaspersky-stole-US-government-files-for-Russia saga.
A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails.
A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week.
A remote access trojan (RAT) known as Hacker's Door has resurfaced in active infections after being seen the last time in 2004-2005.
Five former employees told Reuters that Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone.
Last week, Adobe claimed it wouldn't release security updates for the first time since July 2012 because it had nothing to patch. Less than six days later, the company released a critical update for Flash Player that fixes a zero-day vulnerability exploited in live attacks.
Both Office Depot and Best Buy have removed Kaspersky Lab products from shelves. The ban has been in effect since mid-September, and the two chains are offering existing Kaspersky customers replacement security software.
A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread.
During their investigation of NetTravler, Kaspersky Lab researchers discovered an unusual backdoor that could have helped another attacker access one of their main servers, and then use the group's infrastructure or steal data.
Employees of US NGOs Fight for the Future and Free Press were targeted with complex spear-phishing attempts between July 7 and August 8, reported today the Electronic Frontier Foundation (EFF).
Earlier today, Avast published a full list of companies affected by the second-stage CCleaner malware, as part of its ongoing investigation into the CCleaner hack that took place last week.
The CCleaner hack that took place over the summer and came to light this week might have been carried out by an infamous cyber-espionage group believed to be operating out of China.
US cyber-security firm Symantec has issued a warning today against a group of nation-state hackers that have managed to infiltrate several US and European energy firms, and are now in the dangerous position of sabotaging critical infrastructure if they wished to.
According to a new law voted in 2016 and which came into effect starting June 1, 2017, foreign companies activating in China could be forced to provide access to their source code to a state agency that has been recently linked to China's nation-state cyber-espionage campaigns.
A cyber-espionage group believed to be operating out of Russia for the past two decades has deployed a new backdoor trojan on computers at embassies in Southeast Europe, former Soviet states, and some South American countries.
A cyber-espionage unit is using the recent Game of Thrones episode leaks to lure targets into opening malicious documents sent via email.