For the latest discoveries in cyber research for the week of 2nd December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: Supply chain software provider Blue Yonder was...
Mikhail Matveev, aka WazaWaka, had worked with several ransomware groups, including Babuk, Conti, Darkside, Hive and LockBit
Bologna FC has revealed a ransomware attack, with data on players, fans and employees thought to have been stolen
ESET's CEO unpacks the complexities of cybersecurity in today’s hyper-connected world and highlights the power of innovation in stopping digital threats in their tracks
Interpol’s Operation Haechi V has led to the arrest of over 5500 individuals and seizure of $400m obtained via online fraud
Comprehensive, action-oriented workflows and key metrics are the cornerstones of a successful exposure response program. Here’s what you need to know. In today’s fast-paced digital landscape,...
Keeping vulnerability management efforts focused on achievable goals is key to avoiding cybersecurity team burnout. Here’s how exposure response workflows and SLAs can help. As organizations grow...
Brands have been at the mercy of the algorithm when it comes to where their ads appear online, but they’re about to get more control.
Learned helplessness and lack of prioritization are two vulnerability management pitfalls cybersecurity teams face. Here’s how an exposure response program can help. In today’s complex...
Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows. [...]
In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation of the browser. [...]
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Google Chrome's upcoming feature uses AI to provide a summary of reviews from independent websites about the store or website you're visiting. [...]
Companies often struggle with how to respond to cybersecurity incidents. According to one recent poll, only three out of five organizations have an incident response plan in place, and only around...
Key Takeaways: Private Threat Briefs: Over 20 private DFIR reports annually. Threat Feed: Focuses on tracking Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, etc. All Intel:...
CVE-2023-46604 is a critical Remote Code Execution (RCE) vulnerability in Apache ActiveMQ. This vulnerability may allow a remote attacker with network access to a broker to run arbitrary commands...
Hunting Rhadamanthys Infrastructure in the 2024 Holiday Season
Despite advancements in cybersecurity tools, human vulnerability remains the weakest link, with phishing among the most dangerous forms…
AhnLab SEcurity intelligence Response Center (ASEC) has covered the attack cases targeting the CVE-2023-46604 vulnerability in past blog posts. Systems without the vulnerability patch are still being...
A novel phishing attack abuses Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state...
AI is transforming business in 2025, from hyper-personalization to ethical AI. Success lies in mastering it to enhance innovation, efficiency, and trust while staying competitive.
Mikhail Pavlovich Matveev (aka Wazawaka) has been wanted by the FBI since 2023.
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report...
Uncovering Shared Malware Infrastructure
A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...]
needrestart is a tool that probes the system to see if a system or service needs to be restarted. It's called when using apt-get upgrade when a shared library does not exist on the system anymore....
Cross-Site Request Forgery (CSRF) attacks have been mitigated largely by browser protections like SameSite cookie flags and pre-flight requests. Some technically work because of browser behavior...
On Friday, the United Nations Agency for Digital Technologies said it is partnering with the International Telecommunication Union (ITU) and International Cable Protection Committee (ICPC) to...
Bologna FC's confirmation comes days after the RansomHub ransomware gang claimed to have attacked the club and stolen financial and medical documents.