Posts by category
- Category: Cyber Attacks
- Pro-Russia Killnet Group Hit Top Lithuanian websites with Massive DDoS Attacks
- APT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor
- President Putin’s Economic Forum Speech Delayed due to DDoS Attack
- Authorities Suspect Cyber Attack Behind False Rocket Sirens in Israel
- Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
- Europol Busts Phishing Gang Responsible for Millions in Losses
- Cloudflare Thwarted Largest Ever HTTPS DDoS Attack
- Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second
- Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners
- Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
- A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
- Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
- HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems
- DDoS Attack and Data Wiper Malware hit Computers in Ukraine
- Official website of Russian Parliament, MoD and Kremlin go offline
- Anonymous hacks Russian TV channels & EV charging station with pro-Ukraine messages
- Imperva mitigated series of massive ransom DDoS attacks
- 52 Critical Infrastructure Orgs Hit by Ragnar Locker Ransomware Gang
- The Growing Threat of Ransom DDoS Attacks Requires Effective Prevention and Mitigation
- Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
- Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack
- Emotet Botnet’s Latest Resurgence Spreads to Over 100,000 Computers
- Yet Another Data Wiping Malware Targeting Ukrainian Networks
- Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
- U.S. Government Warns Companies of Potential Russian Cyber Attacks
- U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide
- New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack
- Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks
- Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems
- Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware
- Hamas-linked Hackers Targeting High-Ranking Israelis Using ‘Catfish’ Lures
- U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
- Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
- New Hacking Campaign Targeting Ukrainian Government with IcedID Malware
- FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies
- Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure
- New Incident Report Reveals How Hive Ransomware Targets Organizations
- FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide
- Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak
- Cloudflare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second
- Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine
- U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack
- Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware
- Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
- Chinese “Override Panda” Hackers Resurface With New Espionage Attacks
- Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group
- Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers
- North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide
- U.S. Charged 2 Iranian Hackers for Threatening Voters During 2020 Presidential Election
- New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers
- Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps
- Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
- New Pingback Malware Using ICMP Tunneling to Evade C&C Detection
- e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata
- Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room
- Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs
- This Asia-Pacific Cyber Espionage Campaign Went Undetected for 5 Years
- U.S. Offers Rewards up to $5 Million for Information on North Korean Hackers
- British Hacker Accused of Blackmailing healthcare Firms Extradited to U.S.
- Landry’s Restaurant Chain Suffers Payment Card Theft Via PoS Malware
- PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
- A New Emerging IoT Botnet Malware Spotted in the Wild
- Russian Pleads Guilty to Running ‘CardPlanet’ to Sell Stolen Credit Cards
- Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims
- US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
- Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait
- Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests
- Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
- Category: Cyber Crime
- Crooks Using Messenger Chatbots to Steal Login Data
- 10 Arrested for Involvement in Online Sexual Exploitation in Europe
- 5 ways cybercriminals steal credit card details
- ISPs Helping Attackers Install Hermit Spyware on Smartphones- Google
- Feds Dismantle Russian Rsocks Botnet Powered by Millions of IoT Devices
- 9 Years Jail for iCloud Phishing Scam Hacker Who Stole Nude Photos
- Admin of DDoS-For-Hire Service ‘DownThem’ Receives 2 Years Prison Sentence
- Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users
- Iran’s COBALT MIRAGE Threat Group Behind Ransomware Attacks in US
- Cardiologist Charged for Developing Jigsaw v.2 and Thanos Ransomware
- US Warns Firms About North Korean Hackers Posing as IT Workers
- SSNDOB Cybercrime Marketplace Seized in Intl. Coordinated Operation
- Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware
- New WhatsApp OTP Scam Allows Scammers to Hijack Your Account
- Fake Updates Continue To Be A Digital Risk: What To Do?
- Billions of stolen passwords for sale on the dark web
- Details of 142 million MGM hotel guests selling for US$2,900
- How much is your personal data worth on the dark web?
- FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals
- FBI warns of surge in online shopping scams
- Hackers Selling US Colleges VPN Credentials on Russian Forums- FBI
- Ritz London clients scammed after apparent data breach
- DDoS extortion campaign targets financial firms, retailers
- Emotet strikes Quebec’s Department of Justice: An ESET Analysis
- 5 ways cybercriminals can try to extort you
- FBI warns of threat actors spoofing Bureau domains, email accounts
- Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts
- $38 million worth of gift cards stolen and sold on dark web
- Cybercrime Syndicate Leader Behind Phishing and BEC Scams Arrested in Nigeria
- FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims
- INTERPOL aims to deal a blow to digital piracy
- DDoS attack knocks Belgian government websites offline
- European police bust major online investment fraud ring
- Hundreds of suspected criminals arrested after being tricked into using FBI‑run chat app
- Tracking ransomware cryptocurrency payments: What now for Bitcoin?
- Microsoft takes down large‑scale BEC operation
- Gaming industry under siege from cyberattacks during pandemic
- Black Hat 2021: Wanted posters for ransomware slingers
- Hackers swipe almost $100 million from major cryptocurrency exchange
- Dark HunTOR: 150 arrested, $31 million seized in major dark web bust
- Man charged with hacking major US sports leagues to illegally stream games
- Robinhood data breach affects 7 million people
- FBI systems compromised to send out fake attack alerts
- We’re going on Tor | WeLiveSecurity
- Hidden in plain sight: How the dark web is spilling onto social media
- ‘My bank account was in a shambles’: The ordeal of an identity theft victim
- More than 1,000 arrested in global crackdown on online fraud
- European police dismantle cybercrime ring with ties to Italian Mafia
- Man impersonates Apple support, steals 620,000 photos from iCloud accounts
- Global police shut down VPN service favored by cybercriminals
- Scams target families of missing persons, FBI warns
- Thousands of MongoDB databases ransacked, held for ransom
- Vast hack‑for‑hire scheme targeted thousands of people, organizations
- Crooks threaten to leak customer data stolen from e‑commerce sites
- Over 160 million user records put up for sale on the dark web
- Suspected member of The Dark Overlord arrested in Serbia
- Man faces up to 35 years in prison for helping hackers evade detection by anti‑virus software
- Cybercrime black markets: Dark web services and their prices
- Malta’s leading bank resumes operations after cyberheist‑induced shutdown
- Siegeware: When criminals take over your smart building
- Cyber‑extortionists take aim at lucrative targets
- Man jailed for destroying former employer’s data
- WannaCryptor ‘accidental hero’ pleads guilty to malware charges
- The aftermath of a data breach: A personal story
- Hackers steal 19 years’ worth of data from a top Australian university
- Why cybercriminals are eyeing smart buildings
- Hackers breach NASA, steal Mars mission data
- Notorious spy tool taken down in global operation
- Prison surveillance footage posted on YouTube
- Simple steps to protect yourself against identity theft
- FBI shuts down website selling billions of stolen records
- How to catch a cybercriminal: Tales from the digital forensics lab
- FBI: Cybercrime losses tripled over the last 5 years
- Category: GDPR
- Two years later, has GDPR fulfilled its promise?
- Avoid getting lost in encryption with these easy steps
- Buying encryption? Five good questions to ask before you do
- Is your SME ready for GDPR?
- Businesses and GDPR: What they need to do to be compliant?
- Are firms and regulators prepared for GDPR?
- Last call for GDPR | WeLiveSecurity
- GDPR: One rule to rule them all – legally
- Suspected GDPR violations prompt over 95,000 complaints
- GDPR one year on: Most Europeans know at least some of their rights
- Category: Hacking
- Wars and Lechery, Nothing Else Holds Fashion for Phishing Attacks
- Hackers Exploit Harmony’s Horizon Blockchain Bridge to Steal $100 Million
- 8 top ethical hacking certifications employers value
- This red flag may tell you if someone hacked into your Facebook account
- Here are Quick Cybersecurity Tips to Help You Stay Safe
- Elasticsearch Database Mess Up Exposed Login, PII Data of 30,000 Students
- British Airways suffers frequent flyer account hacking
- 6 ways hackers hide their tracks
- Government Institutions in India: A Popular Target for Hackers
- Anna Collard, SVP Content Strategy & Evangelist, KnowBe4 Africa Has Been Acknowledged as a Global Influencer in Cyber
- New MaliBot Android Malware Found Stealing Personal, Banking Data
- The hacker games that made beating security feel like a thrill
- 9 ways hackers will use machine learning to launch attacks
- Gallium hacking group deploys difficult-to-detect remote access malware
- Approaching Ransomware Victims Privately
- Russian Radio Station Hacked to Broadcast Ukrainian National Anthem
- Hand implant chip lets hacker attack Android phones via NFC
- FBI’s warning about Iranian firm highlights common cyberattack tactics
- U.S. Government Ordered Travel Companies To Spy On Russian Hacker For Years And Report His Whereabouts Every Week
- CyberheistNews Vol 12 #23 [Heads Up] Our Global Ransomware Damage Will Be More Than 265 Billion by 2031
- Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data
- Rash of hacktivism incidents accompany Russia’s invasion of Ukraine
- Bored Ape Yacht Club and Otherside Metaverse Discord servers reportedly hacked
- Why We Recommend Your Passwords Be Over 20-Characters Long
- Pegasus Airlines Leaked 6.5TB of Data in AWS S3 Bucket Mess Up
- Man-in-the-middle (MitM) attack definition and examples
- Chinese Firm That Accused NSA of Hacking Has Global Ambitions
- The $44 Billion Smishing Problem and How to Not Be a Victim
- Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1
- Up to 40,000 OnePlus customers potentially hit by credit card hack
- What is ethical hacking? Getting paid to break into computers
- 5 great modern hack & slash JRPGs to enjoy in 2022 (and 5 great turn-based JRPGs)
- We Do Not Talk Enough About Social Engineering and It’s Hurting Us
- Personal Data of Tens of Millions of Russians and Ukrainians Exposed Online
- What is a botnet? When infected devices attack
- The Mystery of China’s Sudden Saber-Rattling About US Hacking
- Ransomware Involved in 25% of Data Breaches as Credentials and Phishing are Seen as “Key Paths” for Attack Success
- 142 Million MGM Resorts Records Leaked on Telegram for Free Download
- Trends 2018: Democracy hack | WeLiveSecurity
- Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
- Viral TikTok Hack for Avocados Actually Dangerous, FDA Warns
- Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks
- Avoiding Risks by Using Secure Online Crypto Platform
- $1 million and a free car for anyone who can hack a Tesla Model 3
- Take LAPSUS$ teens seriously | CSO Online
- Michael Fish, Fraudster who hacked SUNY Plattsburgh student accounts, gets 9 ¼ years
- Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit
- DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
- On course for a good hacking
- Karakurt data thieves linked to larger Conti hacking group
- Anonymous claims Russian TV hack, broadcasting war
- KnowBe4’s Top-Clicked Phishing Email Results for Q4 2021 Compare the U.S. and EMEA [INFOGRAPHIC]
- “Get Your Free Omicron PCR test” is the latest Omicron phishing scam
- DEF CON 29: Satellite hacking 101
- Rainbow tables explained: How they work and why they’re (mostly) obsolete
- Clayster slams “blatant” Call of Duty Challengers hackers exposed in new videos
- When Cryptocurrency Investments Really Are Too Good To Be True
- 240+ top Microsoft Azure-hosted subdomains hacked to spread malware
- Reddit reveals breach as attacker circumvents staff’s 2FA
- Cyber LEAP Act aims for innovations through Cybersecurity Grand Challenges
- U.S. Says Chinese, Iranian Hackers Seek to Steal Coronavirus Research
- [HEADS UP] Experts Predict 30,000% Increase in COVID-19 Cybersecurity Threats
- Exercise tech firm Kinomap leaks 40GB worth of data with 42M records
- How a bank got hacked
- Microsoft Issues Emergency Security Update And Warns Of 3D Graphics Hack
- See me On-Demand at the WSJ Pro Webinar: Covid-19 Themed Cybercrime
- CS:GO & Team Fortress 2 Source code leaked
- Australian schoolboy hacks into Apple’s network, steals files
- DJI’s bounty problems and video surveillance programs | Salted Hash Ep 13
- Avoiding the pitfalls of operating a honeypot
- Soccer Secrets Hacker Leaves Prison, Enters Lockdown
- Q1 2020 Coronavirus-Related Phishing Email Attacks Are Up 600%
- Italian email provider Email.it hacked with data on sale
- British Airways suffers breach, 380,000 card details stolen
- Why hacking must be addressed in digital privacy policymaking
- WWE’s Sonya Deville Gets HACKED On Twitter?!
- “World’s most secure online backup” provider exposes 135M records
- NASA fears hackers may have stolen employee data
- The OPM hack explained: Bad security practices meet China’s Captain America
- Emerging Europe takes the initiative in hacking the coronavirus – Emerging Europe
- OGUsers hacking forum hacked; entire database dumped on rival forum
- Two men charged with hacking into SEC in stock‑trading scheme
- 10 types of hackers and how they’ll harm you
- What is penetration testing? 10 hacking tools the pros use
- Category: Malware
- New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators
- ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks
- 5 years after NotPetya: Lessons learned
- Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware
- Cato Networks offers new capability for network-based ransomware protection
- APT actor ToddyCat hits government and military targets in Europe and Asia
- How Microsoft Purview can help with ransomware regulatory compliance
- What is cryptojacking? How to prevent, detect, and recover from it
- BRATA Android Malware Gains Advanced Mobile Threat Capabilities
- Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices
- New peer-to-peer botnet Panchan hijacks Linux servers
- Nebulon bakes bare-metal Linux ransomware protection into the bootloader
- Ransomware attacks are increasing with more dangerous hybrids ahead
- Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users
- MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched
- Hackers using stealthy Linux backdoor Symbiote to steal credentials
- 9 types of computer virus and how they do their dirty work
- 11 infamous malware attacks: The first and the worst
- How the Colonial Pipeline attack has changed cybersecurity
- How Hackers Choose Their Victims
- How the Russia-Ukraine war makes ransomware payments harder
- Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
- Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks
- Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network
- Ransomware roundup: System-locking malware dominates headlines
- Logic bombs explained: Definition, examples, and prevention
- Linux malware is on the rise—6 types of attacks to look for
- Conti ransomware explained: What you need to know about this aggressive criminal group
- How Costa Rica found itself at war over ransomware
- Experts Warn of Rise in ChromeLoader Malware Hijacking Users’ Browsers
- The Myths of Ransomware Attacks and How To Mitigate Risk
- FBI active defense measure removes malware from privately owned firewalls
- Rare and dangerous Incontroller malware targets ICS operations
- Spyware was used against Catalan targets and UK prime minister and Foreign Office
- New Linux-based ransomware targets VMware servers
- Absolute Software launches ransomware response offering to accelerate endpoint recovery
- Chaos ransomware explained: A rapidly evolving threat
- Ransomware plagues finance sector as cyberattacks get more complex
- 10 top anti-phishing tools and services
- Zero-click attacks explained, and why they are so dangerous
- New RAT malware uses sophisticated evasion techniques, leverages COVID-19 messaging
- Stealthy Linux implant BPFdoor compromised organizations globally for years
- Threat hunters expose novel IceApple attack framework
- CISOs worried about material attacks, boardroom backing
- Keyloggers explained: How attackers record computer inputs
- WannaCry 5 years on: Still a top threat
- Cohesity launches FortKnox to protect data from ransomware attacks
- New malware loader Bumblebee adopted by known ransomware access brokers
- 9 most important steps for SMBs to defend against ransomware attacks
- Computer viruses explained: Definition, types, and examples
- How blockchain investigations work | CSO Online
- The Prometheus traffic direction system is a major player in malware distribution
- The worst and most notable ransomware: A quick guide for security pros
- REvil ransomware explained: A widespread extortion operation
- How ransomware runs the underground economy
- Supply-chain attack on Kaseya remote management software targets MSPs
- What is the DarkSide ransomware? And how it works
- How to protect Windows networks from ransomware attacks
- COVID-19 attack campaigns target hardest hit regions, research shows
- Ryuk ransomware explained: A targeted, devastatingly effective attack
- Cloud servers hacked via critical SaltStack vulnerabilities
- The 15 biggest data breaches of the 21st century
- How to prevent scripting attacks in Microsoft Office
- Deloitte: 8 things municipal governments can do about ransomware
- Beware malware-laden emails offering COVID-19 information, US Secret Service warns
- Credit card skimmers explained: How they work and how to avoid them
- 6 ways attackers are exploiting the COVID-19 crisis
- COVID-19 and tech: New collaboration tools mean new security risks
- Best antivirus software: 13 top tools
- Cybercriminal group mails malicious USB dongles to targeted companies
- Attack campaign hits thousands of MS-SQL servers for two years
- Category: Scams
- DJ Marshmello concert on Fortnite: An iconic event that also attracted scammers
- I didn’t see what you did, redux
- I Still Didn’t See What You Did
- BEC fraud losses almost doubled last year
- Fake cryptocurrency apps crop up on Google Play as bitcoin price rises
- With FaceApp in the spotlight, new scams emerge
- Survey shows rise in scam robocalls amid COVID‑19 fears
- Fed shares insight on how to combat synthetic identity fraud
- SIM swap scam: What it is and how to protect yourself
- Would you take the bait? Take our phishing quiz to find out!
- PayPal users targeted in new SMS phishing campaign
- 429 Error | ESET
- Smishing: What it is and why we fall for these scams so easily
- Romance scams in 2020: Breaking hearts, wallets – and records
- Almost $2 billion lost to BEC scams in 2020
- I hacked my friend’s website after a SIM swap attack
- Watch out for these scams targeting Amazon customers
- Victims duped out of US$1.8 million by BEC and romance scam ring
- Common NFT scams and how to avoid them
- Don’t get phished! How to be the one that got away
- 5 common gift card scams and how to spot them
- Cryptocurrency scams: What to know and how to protect yourself
- 10 reasons why we fall for scams
- The flip side of the coin: Why crypto is catnip for criminals
- Common LinkedIn scams: Beware of phishing attacks and fake job offers
- Think before you scan: How fraudsters can exploit QR codes to steal money
- There’s no sugarcoating it: That online sugar daddy may be a scammer
- The trouble with BEC: How to stop the costliest internet scam
- When love hurts: Watch out for romance scams this Valentine’s Day
- Making loyalty pay: How to keep your loyalty rewards safe from scammers
- The triangle of holiday shopping: Scams, social media and supply chain woes
- Beware of these 5 common scams you can encounter on Instagram
- Deepfakes – the bot made me do it
- 5 common scams targeting teens – and how to stay safe
- 4 common ways scammers use celebrity names to lure victims
- Scam uses Elon Musk’s name to trick people out of US$2 million in bitcoin
- Scam impersonates WhatsApp, offers ‘free internet’
- Sextortion scammers still shilling with stolen passwords
- Scams to watch out for not just this Mother’s Day
- FBI warns of romance scams using online daters as money mules
- 5 scams to watch out for this shopping season
- Ambitious scam wants far more than just PayPal logins
- 5 major US wireless carriers vulnerable to SIM swapping attacks
- Job hunting? Beware hiring scams using spoofed company websites
- Don’t get sacked! Scams to look out for this Super Bowl
- Would you get hooked by a phishing scam? Test yourself
- How romance scammers break your heart – and your bank account
- PayPal remains the most‑spoofed brand in phishing scams
- Did someone file your taxes before you?
- Fraud Prevention Month: How to protect yourself from scams
- 4:15 p.m.: An urgent message from the CEO
- Category: Security
- LockBit 3.0 Ransomware Launches ‘Bug Bounty Program’
- Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022
- Phishing awareness training: Help your employees avoid the hook
- Critical Instagram Bug Could Allow Changing Reel Thumbnails
- Critical Vulnerability In Apple Game Center Allowed Authentication Bypass
- New MaliBot Android Banking Trojan Mimics Fake Crypto Apps
- Mozilla Rolls Out Total Cookie Protection On Firefox By Default
- Cybersecurity: A global problem that requires a global answer
- Chaining Yunmai Smart Scale App Vulnerabilities Could Expose User Data
- CISA Urges Users To Update Google Chrome Browser
- Microsoft Patch Tuesday June Arrives With 55 Security Updates
- ChromeLoader a simple vessel for more sinister threats
- Stealthy Symbiote Malware Wreaks Havoc On Linux Systems
- Fujitsu Cloud Storage Vulnerabilities Could Expose Backups To Attackers
- RSA – Digital healthcare meets security, but does it really want to?
- RSA – APIs, your organization’s dedicated backdoors
- Surfshark, ExpressVPN Exit India Following Intrusive Law Implementation
- Cybersecurity awareness training: What is it and what works best?
- A Severe Zero-Day Vulnerability Riddles Microsoft Office
- Researcher Discloses A WordPress CSP Bypass Publicly
- Serious Argo CD Vulnerability Could Give Admin Access To The Attackers
- Microsoft Found Bugs Affecting Pre-Built Android Apps From Telcos
- Serious RCE Vulnerability In Horde Webmail Threatens User Security
- New ERMAC 2.0 Trojan Variant Actively Targeting Android Users
- ChromeLoader – A New Browser Hijacking Malware Spreading Globally
- Multiple Bugs Found In Open Automation Software (OAS) Platform
- Critical Vulnerability Found In Screencastify Chrome Extension
- LinkedIn Bug Bounty Program Becomes Available To The Public
- RootHelper – A Bash Script that Downloads and Unzips Scripts that will Aid with Privilege Escalation on a Linux System
- Google Released Chrome 102 Browser Update With 32 Bug Fixes
- SimplyEmail – Email Recon Made Fast and Easy, With a Framework To Build On
- Yik Yak Anonymous Message Platform Had An Information Disclosure Bug
- JShielder – Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer
- CES 2022: Space security – no more flying blind
- Zizzania – Automated DeAuth Attack
- Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone
- dnstwist – Domain Name Permutation Engine for Detecting Typo Squatting, Phishing and Corporate Espionage
- US: Your AI has to explain its decisions
- Windows Exploit Suggester – Tool To Detect Potential Missing Patches & Find Exploits
- From the back office to the till: Cybersecurity challenges facing global retailers
- Viper – Bruteforce Password Cracker
- A first look at threat intelligence and threat hunting tools
- XXEinjector – Tool for Automatic Exploitation of XXE Vulnerability Using Direct and Different Out of Band Methods
- US military vs. Silicon Valley – a cultural divide
- GDB Dashboard – Modular Visual Interface for GDB in Python
- Multiple Vulnerabilities In Facebook Could Allow Account Takeover
- 3 Best Free Steganographic Tools For Android
- Swagger UI Library Vulnerability Potentially Affects Multiple Services
- Sandboxed Execution Environment – A Framework for Building Test Automation In Secured Environments
- Microsoft Patch Tuesday May Fixed 75 Bugs With Three Zero-Day Flaws
- Raptor WAF – C Based Web Application Firewall
- Multiple Vulnerabilities Found In Jupiter WordPress Theme
- Top 7 Best Free Firewall Apps For Android
- Multiple Vulnerabilities Found In Icinga IT Monitoring System
- Frida – Dynamic Instrumentation Toolkit for Developers, Reverse-Engineers, and Security Researchers
- Exploit SaaS App’s Vanity URLs Could Allow Phishing Attacks
- Mobile Security Framework (MobSF) – An All-In-One Mobile Application Security Assessment Framework
- New Phishing Attack Targets Windows Systems With Three Infostealers
- APKTool – A Tool for Reverse Engineering Android APK Files
- New Exploit Emerges For A Previously Patched SharePoint Vulnerability
- MARA – A Mobile Application Reverse Engineering and Analysis Framework
- Microsoft Warns About New Sysrv Botnet Variant Attacks Web Servers
- AndroL4b – A Virtual Machine For Assessing Android Applications, Reverse Engineering and Malware Analysis
- Serious Command Injection Vulnerability Found In Zyxel Firewalls
- Arpy – Mac OSX ARP Spoof (MiTM) Tool
- New Raspberry Robin Found Dropping Windows Malware
- Gophish – An Open-Source Phishing Toolkit
- OpenSSF Launches Package Analysis Tool To Detect Malicious Packages
- FoolAV – Pentest Tool for Antivirus Evasion & Running Arbitrary Payload on Target Wintel Host
- New Magniber Ransomware Lures Victims Via Fake Windows 10 Updates
- GitMiner – Tool for Advanced Content Search on Github
- Watch Out For This Fake Windows 11 Upgrade Lure
- ttyd – Share Your Terminal Over The Web
- Zero-Day Bugs Spotted In Nooie Baby Monitor Await Patches
- WordPress Exploit Framework – A Ruby Tool For WordPress Penetration Testing
- Researchers Explain How SSRF Vulnerabilities Risk Java RMI Services
- Malware-Jail – Tool For Javascript Malware Analysis, Deobfuscation and Payload Extraction
- Researcher Won $10K Bounty For A Google Cloud Project SSRF Flaw
- 14 Best IP Hide Tools 2021
- Hackers Can Steal Money Via Apple Pay From iPhones
- SQLi Scanner- To Detect SQL Injection Vulnerability
- Vulnerability In Ford Servers Could Have Exposed Sensitive Internal Documents And Databases
- Bashter- Web Crawler, Scanner, and Analyzer Framework
- A Weird Bug That Breaks iPhone WiFi Functionality
- FinalRecon- OSINT Tool For All-In-One Web Reconnaissance
- A Now-Patched Linux Kernel Vulnerability Could Lead To Data Leaks
- Terminus- Terminal Emulator For Windows, MacOS And Linux
- Facebook To Alert Users When Sharing Old Content
- IPFinder CLI (Command Line Interface) – To Locate and Identify Website Visitors by IP Address
- Honda Discloses Cyber Attack On Its Network Including Outside Japan
- TOR Router- To Use As Transparent Proxy And Send Traffic Under TOR
- WolfRAT Malware Targets Messengers Apps On Android Devices
- Seccubus- Easy Automated Vulnerability Scanning, Reporting And Analysis
- Critical Security Bugs Discovered In Salt Framework By SaltStack
- Pyshark- To Allowing Python Packet Parsing Using Wireshark Dissectors
- Hackers Targeted Two Cryptocurrency Platforms, Stole $25M Worth Crypto
- iKy OSINT Project – To Collect Information From E-Mail With GUI
- Remote Code Execution Flaws Found In Foxit Reader And PhantomPDF
- MemGuard- Secure Software Enclave For Storage of Sensitive Information in Memory
- Researchers Found Thousands Of Android Apps With Backdoors
- EasySploit – Metasploit Automation – Exploit Windows, Mac And Android
- Zoom Stops Displaying Meeting IDs Alongside Other Security Features
- USBRIP- Simple Command Live Forensic Tool For Tracking USB device
- NSO Discloses Facebook’s Secret Attempt To Buy Pegasus
- The Ultimate WinRM Shell For Penetration Testing
- Hackers Bundled Cryptominer With Legit Zoom Installer
- CloudCheck- To Test String If A Cloudflare DNS Bypass is Possible
- New Magecart Skimmer Compromised 19 Different Websites
- Phantom Tap (PhanTap) – An ‘Invisible’ Network Tap
- Mozilla Patches Two Zero-day Bugs Under Exploit With Firefox 74.0.1
- Burp Suite Extension – To Monitor And Keep Track of Tested Endpoints
- A Twitter Bug Allowed Firefox To Store Cached Files Shared Via DMs
- PostShell – Post Exploitation Bind/Backconnect Shell
- Dolos Cloak- For Network Penetration Testers To Automated 802.1x Bypass
- OSquery- SQL Powered Operating System Instrumentation, Monitoring And Analytics
- TraXSS – Automated XSS Vulnerability Scanner
- Security Vulnerabilities Discovered In Rank Math WordPress Plugin
- XRay – Using For Recon Mapping And OSINT Suite
- E-Commerce Site Tupperware Suffered Credit Card Skimmer Attack
- Smart OSINT Collection of Common IOC Types
- GitLab Addressed Multiple Important Vulnerabilities With Latest Releases
- Penta- Open Source All-in-one CLI To Automate Pentesting
- Category: Application Security
- SolarWinds creates new software build system in wake of Sunburst attack
- Security startup Cerby debuts with platform to manage shadow IT
- How the Secure Software Factory Reference Architecture protects the software supply chain
- Open-source software risks persist, according to new reports
- For one software maker, an SBOM adds value to the product
- Sigstore explained: How it helps secure the software supply chain
- Software supply chain security fixes gain prominence at RSA
- The Open Source Software Security Mobilization Plan: Takeaways for security leaders
- Codenotary adds vulnerability scanning to its repertoire
- Developer sabotages own npm module prompting open-source supply chain security questions
- IriusRisk launches Open Threat Model standard to secure software development lifecycle
- New Mend service auto-detects and fixes code, app security issues
- Spring4Shell patching is going slow but risk not comparable to Log4Shell
- 10 top fuzzing tools: Finding the weirdest application errors
- Fuzzing tool company launches initiative to secure open-source software
- 10 NFT and cryptocurrency security risks that CISOs must navigate
- 9 top SAST and DAST tools
- New attack surface management product takes full-stack aim at software supply chain threats
- 7 top software supply chain security tools
- Rezilion launches Dynamic SBOM for software supply chain devsecops
- Google to launch repository service with security-tested versions of open-source software packages
- 23 DevSecOps tools for baking security into the development process
- The new cybersecurity mandate | CSO Online
- Chainguard launches native Kubernetes compliance software Enforce
- Next wave of digital transformation requires better security, automation
- Software composition analysis explained, and how it identifies open-source software risks
- 10 top API security testing tools
- 17 cybersecurity startups to watch
- 10 old software bugs that took way too long to squash
- Half of all Docker Hub images have at least one critical vulnerability
- 6 common container security mistakes to avoid
- Skipped patch from 2012 makes old Microsoft Office systems a favored target
- 4 critical issues surrounding contact-tracing apps
- Make simple software security checks part of your purchasing process
- RubyGems typosquatting attack hits Ruby developers with trojanized packages
- What is mitmproxy? A tool to inspect TLS-encrypted traffic
- What is a buffer overflow? How hackers exploit these vulnerabilities
- Cybersecurity spending trends, 2020 | CSO Online
- 12 hottest new cybersecurity startups at RSA 2020
- APIs are becoming a major target for credential stuffing attacks
- How Visa built its own container security solution
- RSA 2020: 7 trends and takeaways
- How ShiftLeft catches vulnerabilities during code development
- The CSO guide to top security conferences, 2020
- Category: Cloud Security
- Google Cloud previews advanced new API security features
- Google Cloud gets new built-in security features
- Palo Alto adds out-of-band web application security features to Prisma Cloud
- Ransomware could target OneDrive and SharePoint files by abusing versioning configurations
- Critical flaws in APC uninterruptible power supplies poses risks to mission-critical devices
- Google acquires Mandiant to enhance Google Cloud security suite
- Nearly 70% of tested ServiceNow instances leaking data
- Preparing Microsoft cloud networks for regional disruptions
- IBM service aims to secure multicloud operations
- ExtraHop adds heat map to its AWS cloud-native security solution
- New open-source tool tackles pesky access denial messages in AWS
- Palo Alto launches cloud-native firewall service for AWS
- Keeping secrets in a devsecops cloud-native world
- Qualys Multi-Vector EDR update prioritizes alert response
- Managing container vulnerability risks: Tools and best practices
- Verica launches Prowler Pro solution to enhance AWS security
- Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assets
- Intel bets big on security as a service for confidential computing
- Deepfence Cloud builds on ThreatStryker security observability platform
- The cloud security emperor has no pants
- Wrongly configured Google Cloud API potentially creates dangerous functionality
- Firms struggling with non-person identities in the cloud
- Attackers use public cloud providers to spread RATs
- The 3 biggest challenges of SASE in hybrid cloud environments
- 8 top cloud security certifications
- The most dangerous (and interesting) Microsoft 365 attacks
- The shared responsibility model explained and what it means for cloud security
- Developing a multicloud security strategy
- How do you secure the cloud? New data points a way
- A 10-point plan to vet SaaS provider security
- 6 ways to be more secure in the cloud
- How to evaluate a CASB
- 3 cloud security ‘hacks’ to consider today
- 5 security operations and analytics trends to watch in 2020
- How DivvyCloud protects cloud deployments
- How Fugue protects cloud assets
- Episode 7: Security in a time of crisis
- 5 ways to improve your security posture in 2020
- Why multicloud security is your next big challenge
- How Adobe monitors cloud deployments to control shadow IT
- Infrastructure-as-code templates are the source of many cloud infrastructure weaknesses
- 5 standout products from RSA 2020
- Category: Data Breach
- Overview of Top Mobile Security Threats in 2022
- Former Amazon Employee Found Guilty in 2019 Capital One Data Breach
- A Simple 5-Step Framework to Minimize the Risk of a Data Breach
- GoDaddy Data Breach Exposes Over 1 Million WordPress Customers’ Data
- The Importance of IT Security in Your Merger Acquisition
- Panasonic Suffers Data Breach After Hackers Hack Into Its Network
- Hackers Steal $200 Million Worth of Cryptocurrency Tokens from BitMart Exchange
- Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions)
- FBI Seizes ‘SSNDOB’ ID Theft Service for Selling Personal Info of 24 Million People
- Cynet’s Keys to Extend Threat Visibility
- How Attack Surface Management Preempts Cyberattacks
- France Rules That Using Google Analytics Violates GDPR Data Protection Law
- Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords
- Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018
- Ukraine Secret Service Arrests Hacker Helping Russian Invaders
- OPM’s $63 million breach settlement offer: Is it enough?
- Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
- Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England
- Block Admits Data Breach Involving Cash App Data Accessed by Former Employee
- GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens
- GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens
- Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers
- T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
- Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
- How Secrets Lurking in Source Code Lead to Major Breaches
- Twitch breach highlights dangers of choosing ease of access over security
- GoDaddy WordPress data breach: A timeline
- Cyber insurance explained: What it covers and why prices continue to rise
- Ubiquiti breach an inside job, says FBI and DoJ
- The emotional stages of a data breach: How to deal with panic, anger, and guilt
- Three recent events prove the need for an insider risk playbook
- European nations issue record €1.1 billion in GDPR fines
- Purported massive leak of Russian soldiers’ data could sink morale, digital security
- Nvidia hackers release code-signing certificates that malware can abuse
- Extortion group teases 190GB of stolen data as Samsung confirms security breach
- SEC plans four-day cybersecurity breach notification requirement
- Uber CISO’s trial underscores the importance of truth, transparency, and trust
- LAPSUS$ ransomware group claims Okta breach
- Hive ransomware group claims Partnership HealthPlan of California data breach
- JHL Biotech’s theft of Genentech data holds lessons for infosec
- Cash App customer investment data hacked
- A Trip to the Dark Site — Leak Sites Analyzed
- Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine
- 5 steps to security incident response planning
- The T-Mobile data breach: A timeline
- Security firm COO indicted for allegedly aiding hospital’s attackers: What CSOs should know
- 10 things to do now to reduce the cost of your next data breach
- What is a supply chain attack? Why to be wary of third-party providers
- Lessons learned from the ANPR data leak that shook Britain
- What is the cost of a data breach?
- Rowhammer memory attacks close in on the real world
- Supreme Court rules Morrisons not liable for data breach caused by rogue insider
- What is Magecart? How this hacker group steals payment card data
- 7 security incidents that cost CISOs their jobs
- The biggest data breach fines, penalties and settlements so far
- Release the monkey! How Infection Monkey tests network security
- Equifax data breach FAQ: What happened, who was affected, what was the impact?
- Marriott data breach FAQ: How did it happen and what was the impact?
- What is a cyber attack? Recent examples show disturbing trends
- What is the dark web? How to access it and what you’ll find
- Top cybersecurity facts, figures and statistics for 2020
- The 14 biggest data breaches of the 21st century
- Category: Email Security
- Phishing Using HTML and Intranet Security Settings
- SMSmishing Unabated: Best Buy targeted by fake gift card campaign
- Yahoo Mail falls victim to password hack
- Study: White House email domains at risk of being misused for phishing scams
- Researchers reveal flaws that may expose encrypted emails to prying eyes
- Attack at email provider wipes out almost two decades’ worth of data
- Microsoft reveals breach affecting webmail users
- Category: Mobile Security
- Google outlines new security features in Android 5.0
- ‘Find My Mobile’ system can be used to attack Samsung handsets
- Microsoft issues rapid fix to GroupMe exploit
- Apple Pay and security – what you need to know
- Nexus 5, Galaxy S5 and iPhone 5s hacked at Pwn2Own event
- Italian spyware firm is hacking into iOS and Android devices, Google says
- Phone biometric security need to be controlled, says ex‑GCHQ chief
- Android scam: Firms fined over $500,000 for malicious apps’ hidden subscriptions
- Mobile security: flaw allows hackers to read texts and listen to calls
- ‘Critical Security Updates’ cancelled for 939 million Android users
- Android Wi‑Fi Direct bug means hackers can reboot your device
- Are you being tracked? How to spot a tracking app on your phone
- Google announces ‘Vulnerability Research Grants’
- America is the leading developer of “risky mobile apps”, claims report
- Mobile security: IBM/Ponemon study finds enterprise app security weaknesses
- How secure is your smartwatch?
- 1,500 iOS apps open to simple man‑in‑the‑middle attacks
- Samsung Galaxy S5 could be open to fingerprint theft
- Smartphone Authentication: the Passing of the Passcode?
- No iOS Zone, the vulnerability that enables DoS attacks on Apple devices
- 5 signs that an app could be risky
- Hackers could track subway users via phone accelerometer data
- ESET uncovers another porn clicker on Google Play
- Google to add permission controls in upcoming Android M
- 8 years of Android: malware, malicious apps, and how to stay safe
- Security by design for mobile device manufacturers
- Mobile security: The reality of malware … augmented
- Tablet security: Is it as good as your smartphone?
- Are mobile devices insecure by nature?
- Think you have a tracker on your phone? Learn how to make your device more resilient
- Tricks that cybercriminals use to hide in your phone
- Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet
- How secure is your phone’s lock screen?
- FBI warns about fraudsters targeting banking app users
- Mozilla fixes flaw that let attackers hijack Firefox for Android via Wi‑Fi
- iPhone hack allowed device takeover via Wi‑Fi
- Wormable Android malware spreads via WhatsApp messages
- Beware Android trojan posing as Clubhouse app
- WhatsApp Pink: Watch out for this fake update
- 1 million risky apps rejected or removed from Apple’s App Store in 2020
- Android stalkerware threatens victims further and exposes snoopers themselves
- Take action now – FluBot malware may be on its way
- Mobile security failings putting enterprises at risk
- 8 mobile security threats you should take seriously
- FCC asks carriers to step up to stop SIM swapping, port-out fraud
- MITRE ATT&CK v11 adds ICS matrix, sub-techniques for mobile threats
- How to hack a phone: 7 common attack methods explained
- Malware detections surge from “COVID Bounce”
- ESET refreshes enterprise products, embraces XDR
- Contact tracing via Bluetooth could help track COVID-19 transmission
- How does certificate-based authentication work?
- 6 key points of the new CISA/NSA 5G cloud security guidance
- Stealthy Trojan that roots Android devices makes its way on app stores
- Clubhouse app raises security, privacy concerns
- 5 riskiest mobile apps | CSO Online
- Cybersecurity in 2021: Stopping the madness
- How attackers exploit QR codes and how to mitigate the risk
- Want better mobile security or privacy? Try these Android and iOS alternatives
- The trouble with 2fa | InsiderPro
- Android security: Patching improves, but fragmentation challenges remain
- What is smishing? How phishing via text message works
- Top mobile VPNs for the enterprise
- Security spending up, but adoption of cutting-edge tools is slow
- Emergent Android banking Trojan shows app overlay attacks are still effective
- 7 mobile security threats that may catch you by surprise
- Cybersecurity in 2020: From secure code to defense in depth
- 5G security is a mess. Could digital certificates help?
- 8 mobile security threats you should take seriously in 2020
- 4 ways 5G will change your enterprise threat model
- Category: Network Security
- How and why threat actors target Microsoft Active Directory
- Cisco reports vulnerabilities in products including email and web manager
- Zero trust requires network visibility
- Fortinet tightens integration of enterprise security, networking controls
- Sigma rules explained: When and how to use them to log events
- How to mitigate Active Directory attacks that use the KrbRelayUp toolset
- 10 essential Linux tools for network and security pros
- 5 VMware products need patching against serious security vulnerabilities
- US security agencies warn of threats to industrial, utility control networks
- Basing network security on IP addressing: Would it be worth it?
- ConcealBrowse isolates malicious software before it can work its mischief
- RSA: Intel reference design to accelerate SASE, other security tasks
- RSA: Cisco launches SASE, offers roadmap for other cloud-based services
- Cisco urges software update to thwart counterfeit switches
- Cisco warns of critical vulnerability in virtualized network software
- Intel details IPU roadmap to free up CPUs
- 6G cellular doesn’t exist, but it can be hacked
- Who is selling Zero Trust Network Access (ZTNA) and what do you get?
- How to audit Microsoft Active Directory
- U.S. government proposals spell out 5G security advancements
- 5 top deception tools and how they ensnare attackers
- 6 top network security threats and how to beat them
- What is Nmap and why do you need it on your network?
- SASE or SSE? Don’t let hype distract from enterprise needs
- Vicarius releases free Nmap scanning tool
- A formula for measuring real-world email security efficacy
- How to choose the best VPN for security and privacy
- Cybereason launches DFIR solution to automate incident response
- How a new generation of IoT botnets is amplifying DDoS attacks
- NIST Cybersecurity Framework update comments highlight a gamut of needed changes
- Patching the latest Active Directory vulnerabilities is not enough
- HYAS brings security threat detection, response to production networks
- What is cryptography? How algorithms keep information secret and safe
- DOJ: Good faith security research won’t be charged under Computer Fraud and Abuse Act
- What your cyber insurance application form can tell you about ransomware readiness
- Palo Alto, Deloitte enter U.S. MSSP market with expanded partnership
- What Microsoft Defender can tell you about your network
- How SAML works and enables single sign-on
- How to choose a certificate management tool
- CISA issues emergency warning over two new VMware vulnerabilities
- New SDP 2.0 specification facilitates zero-trust maturity
- TLS implementation flaws open Aruba and Avaya network switches to RCE attacks
- Protecting on-premises Microsoft servers | CSO Online
- Gartner: SSE is SASE minus the SD-WAN
- BadUSB explained: How rogue USBs threaten your organization
- Log4j flaw needs immediate remediation
- How APTs become long-term lurkers: Tools and techniques of a targeted attack
- Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders
- Top cybersecurity M&A deals for 2021
- 7 dumb ways to be a ransomware victim, and how to avoid them
- Free security resources for work-from-home employees during the COVID-19 crisis
- 8 ways to get more life out of an old SIEM
- 4 key benefits of NOC/SOC integration and tips for making it work
- ZeroNorth orchestrates and tames enterprise scanner sprawl
- What are vulnerability scanners and how do they work?
- COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale
- Ericom Shield extends zero trust to websites with browser isolation
- What is phishing? How this cyber attack works and how to prevent it
- 5G without governance is risky business
- What is WireGuard? Secure, simple VPN now part of Linux
- 3 ways COVID-19 is changing CISO priorities
- Category: OS Security
- Microsoft Office the most targeted platform to carry out attacks
- Android malware: Banking trojan Alien a rising threat
- What you need to know about Microsoft Azure Security Benchmarks 2.0
- The four pillars of Windows network security
- Windows 10 security: Are you on the right version?
- Microsoft touts first PCs to ship natively with secure Pluton chip
- Managing security in hybrid Windows 11 and Windows 10 environments
- The .NET patch failure that wasn’t
- The 7 best password managers for business
- PrintNightmare vulnerability explained: Exploits, patches, and workarounds
- How to prepare for the demise of Windows NT LAN Manager
- How to harden web browsers against cyberattacks
- How to lock down RDP servers
- Amid the pandemic, using trust to fight shadow IT
- 9 tips to detect and prevent web shell attacks on Windows networks
- Scan your Windows network for vulnerabilities
- How to lock down enterprise web browsers
- Best new Windows 10 security features: Longer support, easier deployment
- How to manage Windows 10 1903 and 1909 security updates
- Microsoft Threat Protection: What security and IT admins need to know
- How to implement Windows 7, Server 2008 security updates after end-of-life
- The 9 Windows Server security settings you need to get right
- 8 steps to being (almost) completely anonymous online
- Best Android antivirus? The top 8 tools
- Category: Password Security
- 32 million Twitter account credentials up for grabs – but site says it wasn’t hacked
- Do your kids know good password hygiene? Here are some rules
- Apple ID smishing evolves to lure more victims
- Fingerprint security: Three myths busted
- A short history of the computer password
- Security education and social responsibility
- Survey shows sloppy password habits among young Brits
- UK’s National Lottery urges millions of players to change their passwords
- Recycling is a must, but why would you reuse your password?
- Twitter advises all users to change passwords after glitch
- Attackers could use heat traces left on keyboard to steal passwords
- Major sites still largely lax on prompting users towards safer password choices, study finds
- Strict password policy could prevent credential reuse, paper suggests
- 773 million email IDs, 21 million passwords for anyone to see in massive data dump
- Google rolls out Chrome extension to warn you about compromised logins
- How to tell if your password has been stolen in a security breach
- Zoom makes 2FA available for all its users
- Google adds password breach alerts to Chrome for Android, iOS
- Why you should keep your Netflix password to yourself
- The worst passwords of 2020: Is it time to change yours?
- 5 ways hackers steal passwords (and how to stop them)
- Passwordless authentication: Is your company ready to move beyond passwords?
- A recipe for failure: Predictably poor passwords
- Up to 350,000 Spotify accounts hacked in credential stuffing attacks
- Google’s Password Checkup tool rolling out to Android devices
- One in six people use pet’s name as password
- What is a password manager and why is it useful?
- Apple hopes to bolster password security with open source project
- People know reusing passwords is risky – then do it anyway
- 5 common password mistakes you should avoid
- Credential‑stuffing attacks behind 30 billion login attempts in 2018
- Half a million Zoom accounts for sale on the dark web
- Over 23 million breached accounts used ‘123456’ as password
- Chrome now warns you if your password has been stolen
- The worst passwords of 2019: Did yours make the list?
- 38,000 people forced to pick up email passwords in person
- Microsoft: 99.9 percent of hacked accounts didn’t use MFA
- Security flaws found in popular password managers
- Category: Phishing
- The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
- The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
- ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
- ‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
- Analysis of dark web posts selling access to corporate networks
- Router security report 2021 | Securelist
- CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction
- WinDealer dealing on the side
- PC malware statistics, Q1 2022
- Kaspersky IT threat report for Q1 2022
- Mobile malware statistics for Q1 2022
- Security risks of using third party automotive apps
- Kaspersky MDR analyst report for 2021
- The Verizon 2022 Data Breach Investigations Report
- ISaPWN – research on the security of ISaGRAF Runtime
- Kaspersky report on Emotet modules and recent attacks
- How to recover files encrypted by Yanluowang
- Kaspersky DDoS report, Q1 2022
- New ransomware trends in 2022
- Overview of phishing HTML attachments in e-mail
- Evaluation of cyber activities and the threat landscape in Ukraine
- The Trojan subscribers Joker, MobOk, Vesub and GriftHorse
- A new secret stash for “fileless” malware
- APT trends report Q1 2022
- Notes on CVE-2022-0847 (Dirty Pipe) vulnerability
- MoonBounce: the dark side of UEFI firmware
- PseudoManuscrypt: a mass-scale spyware attack campaign
- Google Eye Phish: Bait Me A Hook In The Morning
- Phishing and Taxes: a dead CERT?
- Bad password choices: don’t miss the point
- Online Shopping and a Phishing Pheeding Phrenzy
- Online Shopping and a Phishing Pheeding Phrenzy [2]
- Online Shopping and a Phishing Pheeding Phrenzy [3]
- Phish to phry: The Thoughtful Phisher Revisited…
- The Thoughtful Phisher II | WeLiveSecurity
- The Less Thoughtful Phisher | WeLiveSecurity
- Phear of Phishing | WeLiveSecurity
- Spam and phishing in 2019
- California company sues bank over cybercrime, wins $350,000 settlement
- Phishing emails: U.S. nuke authority hit three times
- Amazon phishing scams hit over 750,000 Brits
- Census Scams and ‘Grandparent Scams’
- Spoofed URLs: Homograph Attacks Revisited
- 5 simple ways you can protect yourself from phishing attacks
- Hook, line, and sinker: How to avoid looking ‘phish‑y’
- Spam and phishing in Q3 2019
- Category: Physical Security
- Cybersecurity researchers face real-life threats
- Apple AirTag and other tagging devices add to CISO worries
- CISOs, beware of spyware tools for illicit competitive intelligence
- Germany’s BSI warns against Kaspersky AV over spying concerns
- Are Ukraine’s drone capabilities being throttled in Russia-Ukraine conflict?
- APT actors exploit flaw in ManageEngine single sign-on solution
- How drones affect your threat model
- What is doxing? Weaponizing personal information
- What is a CSO? Understanding the critical chief security officer role
- IBM and thumb drives: epoxy or beacons?
- How Facebook protects data with physical security
- Information security in a war zone: How the Red Cross protects its data
- Cyber games at the World Cup 2018
- Keeping the Stars and Stripes secure
- Where Chicken Little meets information security
- Our electric grid is vulnerable to cyberattacks. Here’s what we need to do
- Hacking smart buildings | CSO Online
- Remember: It’s not all about the 1s and 0s
- The state of ICS and IIoT security in 2019
- Category: Privacy
- Face scanning – privacy concern or identity protection?
- Data leak exposes 750,000 birth certificate applications
- Google disables Xiaomi smart home integration after camera bug
- Google to end support for third‑party cookies in Chrome
- Dating apps share personal data with advertisers, study says
- Google: Flaws in Safari’s privacy tool could enable tracking
- Bluetooth Signals Can Be Abused To Detect and Track Smartphones
- 7 VPN services leaked data of over 20 million users, says report
- Crypto mixers: What are they and how are they used?
- Privacy watchdogs urge videoconferencing services to boost privacy protections
- NSA shares advice on how to limit location tracking
- Portland passes the strictest facial recognition technology ban yet in the US
- Sports data for ransom – it’s not all just fun and games anymore
- Had your face stolen lately?
- Zoom to begin rolling out end‑to‑end encryption
- Medical scans of millions of patients exposed online
- RSA – Creepy real‑world edition
- CES 2021: Car spying – your insurance company is watching you
- RSA – Spot the real fake
- Brave browser’s Tor mode exposed users’ dark web activity
- India to Collect User Data from VPNs, Data Centers, and Cloud Service Providers
- Popular password manager in the spotlight over web trackers
- Online health security – when ‘opt out’ isn’t an option
- Trust your surveillance? Why hacked cameras are very bad
- ExpressVPN Removes VPN Servers in India Rejecting Data Collection Law
- Does data stolen in a data breach expire?
- Data from 500 million LinkedIn accounts put up for sale
- AirDrop flaws could leak phone numbers, email addresses
- Android 12 will give you more control over how much data you share with apps
- Most health apps engage in unhealthy data‑harvesting habits
- Is your personal information being abused?
- ProtonMail forced to log user’s IP address after order from Swiss authorities
- Facebook to Terminate some Location Tracking Services/Features
- DuckDuckGo Allows Microsoft Trackers Despite No Tracking Policy
- Win one for privacy – Swiss providers don’t have to talk
- Google scores big win as court blocks iPhone tracking lawsuit
- CES 2022: More sensors than people
- Beyond the tick box: What to consider before agreeing to a privacy policy
- Questions linger after IRS’s about‑face on facial recognition
- Work-from-home security lessons from the pandemic
- Apple switches off the ‘open web’ by making it better
- 2 big questions to ask about Google and privacy
- Privacy-centric DuckDuckGo to release Mac desktop browser
- Apple is sneaking around its own privacy policy — and will regret it
- US, EU reach preliminary data privacy agreement
- Duckduckgo launches privacy browser beta for macOS
- Europe puts Apple’s CSAM plans back in the spotlight
- When it comes to data, resist your inner packrat
- Google responds to EU data rulings with new Workspace controls
- Think the video call mute button keeps you safe? Think again
- Test your outrage over Google’s new Topics advertising system
- UK government ignites debate over privacy vs. safety
- Android 12’s quietly important privacy progress
- The missing context around Google’s Android privacy fallout
- How to give your phone an Android-12-inspired privacy upgrade
- Note to IT: Google really wants its privacy settings left alone
- How long until Apple boots apps from its stores for privacy issues?
- Facial recognition technology banned in another US city
- Cyberbullying: Adults can be victims too
- How encryption can help protect your sensitive data
- Professional data leakage: How did that security vendor get my personal data?
- How to take charge of your Google privacy settings
- Is “global privacy” an oxymoron?
- Facebook privacy settings: Protect your data with these tips
- Sensitive plastic surgery photos exposed online
- Is your phone listening to you?
- Firefox turns on DNS over HTTPS by default for US users
- Brave comes out on top in browser privacy study
- FBI warns of human traffickers luring victims on dating apps
- Download Malwarebytes Today and Protect Your Data for Free
- What you need to know about new data-security rules for business travel
- Will spam die in 2020?
- Category: Security Tools
- Category: Uncategorized
- Floxin Shop Online
- Fda Approved Medications | Is Generic Lopressor Available | Worldwide Delivery (3-7 Days)
- Buy Norvasc Brand Pills Online | How Can I Get Amlodipine
- Atarax For Sale. Buy Online Generic Hydroxyzine
- Order Prednisone Brand Cheap | Low Cost Prednisone Canada
- Best Price Generic Tadacip. Best Place To Order Generics
- Voltaren Canada Prescription Required
- Online Linezolid Generic * General Health Pharmacy * Fast Worldwide Shipping
- Where To Buy Viagra Soft 100 mg Brand Cheap
- The Cost Of Biaxin
- Tadalis Purchase Online – Generic Pharmacy
- Buy Discount Pyridostigmine
- Dapoxetine From Canada. Dapoxetine Pills Price
- Order Clopidogrel Uk – Purchase Plavix Brand Online
- Generic Cialis Super Active Purchase
- Where I Can Purchase Acticin . grcra.org
- How Much Is Generic Flomax. Fast Delivery
- Money Back Guarantee – Can You Buy Nimotop In Canada – Airmail Delivery
- Risperidone Cheapest Price Canada. Fast Order Delivery
- Category: Vulnerability
- New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers
- OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability
- One Plus Website’s Payment System Got Hacked And Customers Credit Card Info Compromised
- How To Hack Facebook Accounts With Oculus Integration
- Spectre And Meltdown Vulnerability Checker For Linux
- How This Indian Language Character Can Crash Your iPhone and Mac
- Security Alert! Your Mac is Spying on You
- Striker: An Offensive Information And Vulnerability Scanner
- BootStomp: An Android boot-loader Bug Finder
- Over a Dozen Flaws Found in Siemens’ Industrial Network Management System
- High-Severity RCE Vulnerability Reported in Popular Fastjson Library
- Remote Code Execution Vulnerability Found In Drupal, Is Your Website Running on Drupal?
- Technical Details Released for ‘SynLapse’ RCE Vulnerability Reported in Microsoft Azure
- Adhrit: The Android Recon Tool
- OnePlus 6 Smartphone Face Detection System Easily Bypass By Simple Trick
- South Korean Cryptocurrency Exchange Hacked Lost Million of Dollars
- SleuthQ- A Tool To Find SQL Injection Vulnerability
- Researchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability
- Napper- A Trusted Platform Module (TPM) Vulnerability Checker
- CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices
- State-Backed Hackers Exploit Microsoft ‘Follina’ Bug to Target Entities in Europe and U.S
- Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability
- Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
- GitLab Issues Security Patch for Critical Account Takeover Vulnerability
- Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability
- New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email
- Critical LFI Vulnerability Reported in Hashnode Blogging Platform
- Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
- Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild
- Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild
- Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin
- Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild
- Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel
- Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System
- Researcher Releases PoC for Recent Java Cryptographic Vulnerability
- Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability
- Iranian Hackers Exploiting VMware RCE Bug to Deploy ‘Core Impact’ Backdoor
- Which Hole to Plug First? Solving Chronic Vulnerability Patching Overload
- SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
- QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
- New Unpatched Bug Could Let Attackers Steal Money from PayPal Users
- Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability
- Google Created ‘Open Source Maintenance Crew’ to Help Secure Critical Projects
- SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices
- Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
- Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
- Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability
- Google Releases Android Update to Patch Actively Exploited Vulnerability
- Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches
- Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System
- 9-Year-Old Unpatched Email Hacking Bug Uncovered in Horde Webmail Software
- Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central
- Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit
- Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects
- Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers
- Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability
- Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild
- Critical Bugs and Backdoor Found in GeoVision’s Fingerprint and Card Scanners
- Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations
- New Bluetooth Vulnerability Exposes Billions of Devices to Hackers
- Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers
- Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers
- CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers
- Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers
- Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
- Google Accidentally Shared Private Videos of Some Users With Others
- 5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras
- The Rise of the Open Bug Bounty Project
- A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices
- Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers
- Install Latest Chrome Update to Patch 0-Day Bug Under Active Attacks
- New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers
- New Intel CPU Vulnerability Puts Data Centers At Risk
- Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks
- Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion
- A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices
- Critical RCE Bug Affects Millions of OpenWrt-based Network Devices