Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution...
Cyber Security
A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions...
Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution...
Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation
4 min read
As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to...
Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the...
A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers...
Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control...
Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And...
In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret...
An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month...
The newly discovered Chinese nation-state actor known as Volt Typhoon has been observed to be active in...
Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker...
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities...
A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced...
A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that...
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security
Have you ever...
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID.
Cybersecurity firm...
The U.S. National Security Agency (NSA) on Thursday released guidance to help organizations detect and prevent infections...
Internet-facing Linux systems and Internet of Things (IoT) devices are being targeted as part of a new...
A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files...
