A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.

Microsoft patched 95 vulnerabilities today, including two under attack.

Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.

Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.

Some customers are irked it took GameStop months to inform them that their personal and financial information could have been compromised in a breach of GameStop.com that began in August 2016.

Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.

IBM quietly released a workaround fix for a vulnerability in its Spectrum Protect enterprise backup software it has known about since September 2016.

Researchers have discovered a shared backend infrastructure between the Jaff ransomware and a black market carder shop.

Pandemic is a Windows implant built by the CIA that turns file servers into Patient Zero on a local network, infecting machines requesting files with Trojanized replacements.

FireEye said threat actors are using the NSA’s EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT.