A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian authorities describe him as "the most prolific cybercriminal we've identified in Canada," but so far they've released few other details about the investigation or the defendant. Helpfully, an email address and nickname apparently connected to the accused offer some additional clues.

Cybercriminals are increasingly adopting "living-off-the-land’ techniques, leveraging commonly used tools to fly under the radar of conventional detection tools. But with AI, thousands of organizations have regained the upper hand.

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases.

Industrial control systems security firm reaches $635M in funding with this Series E round.

Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.

Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned.

Now-patched bugs were easy to exploit, but required prior authentication/network access

By Waqas

Google has also filed a lawsuit against the alleged Russian threat actors and operators of Glupteba Botnet.

This is a post from HackRead.com Read the original post: Google discrupts Glupteba blockchain botnet that infected 1mn PCs

DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike's arsenal.

Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances.