Tag: cybersecurity

An unknown threat actor managed to control more than 27% of the entire Tor network exit capacity in early February 2021, a new study on the dark web infrastructure revealed. …

Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure …

WhatsApp on Friday disclosed that it won’t deactivate accounts of users who don’t accept its new privacy policy rolling out on May 15, adding it will continue to keep reminding …

Google has announced a number of user-facing and under-the-hood changes in an attempt to boost privacy and security, including rolling out two-factor authentication automatically to all eligible users and bringing …

InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, …

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including …

An adversary known for its watering hole attacks against government entities has been linked to a slew of newly detected intrusions targeting various organizations in Central Asia and the Middle …

Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called ‘Buer’ written in Rust, illustrating how adversaries are constantly honing their malware …

Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that …

Perhaps due to the nature of the position, the InfoSec leadership roles tend to be solitary ones. CISOs, or their equivalent decision-makers in organizations without the role, have so many …

An “aggressive” financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware …

A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind the operation to harvest and exfiltrate …

Threat actors are increasingly adopting Excel 4.0 documents as an initial stage vector to distribute malware such as ZLoader and Quakbot, according to new research. The findings come from an …

The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack. The Babuk Locker gang claimed in …

Researchers from the University of Minnesota apologized to the maintainers of Linux Kernel Project on Saturday for intentionally including vulnerabilities in the project’s code, which led to the school being …

A recently identified security vulnerability in the official Homebrew Cask repository could have been exploited by an attacker to execute arbitrary code on users’ machines that have Homebrew installed. The …

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a …

Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. “Prometei exploits the recently disclosed Microsoft Exchange …