Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers
A software package available from the official NPM repository has been revealed to be actually a
16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers
Details have emerged about a high severity security vulnerability affecting a software driver used in HP,
Researchers Warn of Linux Cryptojacking Attackers Operating from Romania
A threat group likely based in Romania and active since at least 2020 has been behind
Instagram Launches ‘Security Checkup’ to Help Users Recover Hacked Accounts
Instagram earlier this week introduced a new “Security Checkup” feature that aims to keep accounts safe
China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government
The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security
Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware
Two of the zero-day Windows flaws patched by Microsoft as part of its Patch Tuesday update
China’s Cyberspies Targeting Southeast Asian Government Entities
A sweeping and “highly active campaign” that originally set its sights on Myanmar has broadened its
Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks
Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer
Trickbot Malware Returns with a new VNC Module to Spy on its Victims
Cybersecurity researchers have opened the lid on the continued resurgence of the insidious Trickbot malware, making
Crafting a Custom Dictionary for Your Password Policy
Modern password policies are comprised of many different elements that contribute to its effectiveness. One of
Microsoft’s Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows
New SaaS Security Report Dives into the Concerns and Plans of CISOs in 2021
For years, security professionals have recognized the need to enhance SaaS security. However, the exponential adoption
Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating
How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
This week, PrintNightmare – Microsoft’s Print Spooler vulnerability (CVE-2021-34527) was upgraded from a ‘Low’ criticality to
WildPressure APT Emerges With New Malware Targeting Windows and macOS
A malicious campaign that has set its sights on industrial-related entities in the Middle East since
Kaseya Rules Out Supply-Chain Attack; Says VSA 0-Day Hit Its Customers Directly
U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA
A Practical Guide for Startups
A common misconception among startup founders is that cybercriminals won’t waste time on them, because they’re
Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware
Threat actors behind the notorious REvil cybercrime operation appear to have pushed ransomware via an update
