Towards the end of 2017, Chinese cyber-spies have engaged in a hacking spree that targeted at least four US think tanks and an additional two non-governmental organizations (NGOs), researchers from US firm Crowdstrike revealed in a report published last week.
Security researchers from FireEye's Mandiant investigative division have spotted a new form of malware that's capable of targeting industrial equipment. FireEye named this malware TRITON and said they've spotted a threat actor deploying it in live attacks.
Security researchers have found a way to reverse the effects of an NSA hacking utility that deletes event logs from compromised machines.
The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones.
The Ethiopian government used spyware acquired from an Israeli company to spy on dissidents living in the country and abroad, but government operatives have failed when configuring their command and control (C&C) server, exposing a list of all their targets.
Behzad Mesri, the Iranian national the US has accused of hacking HBO this year, is part of an elite Iranian cyber-espionage unit known in infosec circles as Charming Kitten, according to a report released yesterday by Israeli firm ClearSky Cybersecurity.
US authorities have acted on one of the worst-kept secrets in cyber-security and have filed official charges against three Chinese hackers part of one of China's elite cyber-espionage unit.
The Chinese vulnerability disclosure program is lagging behind when it comes to publishing details about critical flaws and vulnerabilities exploited by Chinese-linked cyber-espionage groups.
A cyber-espionage group believed to be operating out of China has been deploying malware in the past two years that disguises as control panel link (CPL) files.
Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic at choosing the targets they go after.
Several security firms have come forward today with evidence that shows links connecting the Bad Rabbit ransomware outbreak that happened yesterday with the NotPetya ransomware outbreak that took place at the end of June, this year.
Russian cyber-security vendor Kaspersky Lab published today a report detailing its side of events on the whole Kaspersky-stole-US-government-files-for-Russia saga.
A Russian cyber-espionage group has tried to infect security researchers with malware via a spear-phishing campaign that can easily receive a Pwnie Awards nomination for one of the year's biggest epic fails.
A cyber-espionage group identified in the cyber-security industry as APT28 and believed to be operating under the supervision of the Russian state has recently dispatched several malware distribution campaigns that try to take advantage of a Flash zero-day vulnerability that Adobe patched earlier this week.
A remote access trojan (RAT) known as Hacker's Door has resurfaced in active infections after being seen the last time in 2004-2005.
Five former employees told Reuters that Microsoft quietly dealt with a hack of its vulnerabilities and bug reports database back in 2013 without telling anyone.
Last week, Adobe claimed it wouldn't release security updates for the first time since July 2012 because it had nothing to patch. Less than six days later, the company released a critical update for Flash Player that fixes a zero-day vulnerability exploited in live attacks.
Both Office Depot and Best Buy have removed Kaspersky Lab products from shelves. The ban has been in effect since mid-September, and the two chains are offering existing Kaspersky customers replacement security software.
A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread.
During their investigation of NetTravler, Kaspersky Lab researchers discovered an unusual backdoor that could have helped another attacker access one of their main servers, and then use the group's infrastructure or steal data.