Threatpost

Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.

Q3 DDoS attacks topped thousands daily, with more growth expected.

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.

Researchers have spotted a second, worldwide campaign exploiting the Zoho zero-day: one that’s breached defense, energy and healthcare organizations.

An FBI notification is warning of an uptick in attacks against tribal casinos.

CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.

Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, offers advice on least privilege, automation, application control and more.

Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds.

A savvy campaign impersonating the cybersecurity company skated past Microsoft email security.