A Kremlin-backed group tracked as Secret Blizzard or Turla recently used existing cybercrime infrastructure for an espionage campaign aimed at Ukrainian military devices.
BforeAI has discovered a surge in phishing attacks targeting the Dubai Police, a government-run entity. Learn how cybercriminals are exploiting the Dubai Police name to steal personal information...
A new report by Fortress Information Security reveals that 90 percent of software products used by critical infrastructure... The post Fortress reports security risks in Chinese software...
DeNexus, a vendor of end-to-end cyber risk management for OT (operational technology), announced the expansion of its cyber... The post DeNexus expands DeRISK solution to boost physical security...
CI-ISAC Australia, a not-for-profit organization dedicated to cybersecurity and operating on a membership model, announced that Group-IB, a... The post CI-ISAC Australia welcomes Group-IB as...
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. [...]
A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took them offline as part of a multi-year...
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals. [...]
Security researchers have discovered multiple vulnerabilities in the infotainment units used in some Skoda cars that could allow malicious actors to remotely trigger certain controls and track the...
Russian-made spyware BoneSpy and PlainGnome target former Soviet states, while public security bureaus in mainland China use Chinese surveillance tool EagleMsgSpy
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]
Proxy and anonymization networks have been dominating the headlines, this piece discusses its origins and evolution on the threat landscape with specific focus on state sponsored abuse.
An insurance employee has been handed a suspended sentence after illegally accessing personal information
HP Wolf reveals that 79% of IT security decision makers are lacking in crucial hardware and firmware expertise
Byte Federal, one of the largest Bitcoin ATM operators in the U.S., said the personal data of thousands of customers may have been compromised during a recent breach. In a filing with Maine’s...
The E.U. Cyber Resilience Act has officially come into effect, representing a significant advancement in the EU’s mission... The post EU Cyber Resilience Act takes effect, brings new era of...
Ron Wyden, a Democratic Senator from Oregon, has introduced a draft bill that requires the Federal Communications Commission... The post Senator Wyden proposes FCC cybersecurity mandate following...
Following the October disclosure of its Dray:Break research, which uncovered 14 new vulnerabilities in DrayTek devices, Forescout Technologies... The post Forescout details insights on ransomware...
You are not alone, ChatGPT and Sora AI are down worldwide. OpenAI says it is aware of the…
In April of 2023, a malicious proposer tricked the Ultrasound relay into revealing the contents of a block by committing an invalid block initially. This allowed for the attacker to perform an...
The rise of social media and digital communication has transformed how we connect, but it has also opened…
Byte Federal, the largest US Bitcoin ATM operator, experienced a data breach in November 2024, exposing the sensitive data of 58,000 customers. Hackers exploited an unspecified GitLab...
Anchor is a common framework for building Solana contracts. Compared to vanilla Solana contracts, it adds many safety features and makes it easier to write secure code. Frameworks that compile...
The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices...
The annual defense spending bill contains money the FCC has sought to use to reimburse telecommunications carriers for removing Chinese equipment. The post Senators, witnesses: $3B for ‘rip and...
These cutting-edge devices offer up to 30% improved performance while reducing power consumption by 19%, making them the perfect solution for organizations looking to enhance security and...
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking...
December marked a quiet month with 70 vulnerabilities patched, plus updates from outside of Microsoft.
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response...
The researchers said development of the EagleMsgSpy tool has continued throughout 2024, with the company behind it adding new capabilities and obfuscation features.