The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion.
The cybercrooks spread the COVID-19 relief scam via Telegram and WhatsApp, and ultimately harvest account credentials and even pics of IDs.
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
Popular ‘safe browsing’ padlocks are now passé as a majority of bad guys also use them.
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
Threatpost's latest poll probes telehealth security risks and asks for IT cures.
Researchers warn of emails pretending to help business employees upgrade to Windows 10 - and then stealing their Outlook emails and passwords.
FinSpy has returned in new campaigns targeting dissident organizations in Egypt - and researchers uncovered new samples of the spyware targeting macOS and Linux users.
The Ryuk ransomware is suspected to be the culprit.
September saw dozens of Joker malware variants hitting Google Play and third-party app stores.
Twitter has fixed a caching issue that could have exposed developers' API keys and tokens.
Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals.
The client's default configuration for SSL-VPN has a certificate issue, researchers said.
The first half of 2020 saw decreases in attacks on most ICS sectors, but oil/gas firms and building automation saw upticks.
Privacy fears are blasting off after Amazon's Ring division unveiled the new Always Home Cam, a smart home security camera drone.
An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks.
The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
Patches and workaround fixes address flaws on networking hardware running Cisco IOS XE software.