There are a number of ways to increase password strength, but it all means nothing if your credentials are stolen. A series of new phishing campaigns shows increased focus on info-stealing tactics.

A storm supercell turned disastrous on December 10–11, with more than 50 tornadoes spawning across eight U.S. states. One tornado alone left a path of destruction more than 225 miles (402 km) long, affecting four states.

Kronos, the provider of workforce management and human capital management solutions, has suffered a significant ransomware attack that threatens to disrupt payroll and timesheet processing services for its customer organizations.

A graph recently released by the National Institute of Standards and Technology (NIST) shows that for the fifth year in a row, there have been a record-breaking number of reported vulnerabilities.

Notepad++, one of the most popular, and free, text and source code editors for Windows systems, is being used by attackers to distribute malware.

The notorious Emotet malware, which recently returned from a hiatus after its botnet was dismantled by a joint task force early this year, has begun installing Cobalt Strike directly — a deviation from its typical tactic of installing a trojan like TrickBot or Qbot and then delivering Cobalt Strike through it.

Late last week, a critical zero-day vulnerability in the popular Java logging library Log4j surfaced when attackers were observed exploiting Minecraft servers via the game’s chat box. It has since become clear that the vulnerability in question poses perhaps the largest security threat we’ve seen in years.Details are still unfolding, but here’s what we know now.