The UK’s National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys
Acronis Threat Research found 2M+ malicious URLs & 5,000+ malware instances in Microsoft 365 backup data—demonstrating how built-in security isn't always enough. Don't let threats persist in your...
Threat actors are looking to compromise Google accounts to further malvertising and data theft
In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, debuted a concept for security vulnerabilities that laid the groundwork for the common...
Each Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to make the shift from vulnerability management to exposure management. In this blog,...
A year and a half ago I wrote a blog post describing how browsers’ cache system can be abused to drop malware on targets’ computers. As of today, this technique is still relevant. Browsers haven’t...
This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 54 threat intelligence reports and created a concise summary of the findings, along with the relevant...
The European Union’s landscape of serious and organized crime is undergoing a significant transformation, according to the latest EU-SOCTA 2025 report released by Europol. This comprehensive...
Matthew Weiss, the former Co-Offensive Coordinator and Quarterbacks Coach at the University of Michigan, has been indicted on serious charges related to unauthorized access to computers and...
Companies in the EU are starting to look for ways to ditch Amazon, Google, and Microsoft cloud services amid fears of rising security risks from the US. But cutting ties won’t be easy.
At MWC 2025, Google confirmed it was working on screen and video share capabilities for Gemini Live, codenamed "Project Astra". At that time, Google promised that the feature would begin rolling...
Sygnia uncovered a prolonged cyber-espionage campaign targeting a major Asian telecom provider, orchestrated by a China-nexus APT group dubbed Weaver Ant. The group maintained stealthy, long-term...
Learn the easiest way to delete duplicate photos on your iPhone device with our simple, step-by-step guide.
Gartner describes infrastructure as code (IaC) as a key way to unlock the potential of the cloud. However,…
AhnLab SEcurity intelligence Center (ASEC) recently identified the distribution of GuLoader malware via a phishing email by impersonating a famous international shipping company. The phishing...
Key Points VanHelsing RaaS In recent weeks, a new and rapidly expanding ransomware-as-a-service (RaaS) program called VanHelsingRaaS has been making waves in the cybercrime world. Launched on...
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something...
The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks. [...]
With cyber attacks and threats continuing to escalate in tandem with geopolitical tensions, consequence-based cyber risk management has... The post Choosing consequence-based cyber risk management...
Cybercriminals are always looking for new ways to take advantage of people. One effective method they use is…
This article is the result of a collaboration with The Sunday Times. You can find their corresponding piece here. On the last Friday in December, a German businessman in his mid-40s allegedly met...
Counterfeit products are a growing problem in today’s market. With advancements in technology, counterfeiters have become more skilled…
AI systems are becoming a huge part of our lives, but they are not perfect. Red teaming helps…
Cybercriminals are skilled at using public information to their advantage. Knowing how they gather this data can help…
Following last week’s creation of a new Council for National Security, the U.S. Federal Communications Commission (FCC) has... The post US FCC launches probes into CCP-linked entities amid...
Oracle denies breach claims as hacker alleges access to 6 million cloud records. CloudSEK reports a potential zero-day exploit affecting 140,000 tenants.
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to...
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. [...]
Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]
Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. [...]