DHS and the FBI warned that North Korean attackers are targeting U.S. businesses with malware- and botnet-related attacks that are part of concerted effort dubbed “Hidden Cobra.”

Microsoft patched 95 vulnerabilities today, including two under attack.

A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.

Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.

Some customers are irked it took GameStop months to inform them that their personal and financial information could have been compromised in a breach of GameStop.com that began in August 2016.

Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.

IBM quietly released a workaround fix for a vulnerability in its Spectrum Protect enterprise backup software it has known about since September 2016.

Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.

Researchers have discovered a shared backend infrastructure between the Jaff ransomware and a black market carder shop.

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT.