Browsing: Cybersecurity
Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, was fixed in iOS 15.7.2 and macOS Monterey…
Posted by Ivan Lozano and Dominik Maier, Android Team Android’s use of safe-by-design principles drives our adoption of memory-safe languages…
Fal.Con 2024 wasn’t just about product innovation — it was about delivering an unforgettable experience with countless opportunities to connect,…
This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique…
In today’s interconnected digital world, businesses are constantly under threat from cybercriminals seeking to exploit vulnerabilities in systems, networks, and…
October 2022 Windows Update brought fixes for two interesting vulnerabilities, CVE-2022-38034 and CVE-2022-38045. They allowed a remote attacker to access…
Security researchers have urged customer-facing businesses to improve their verification checks after discovering a large-scale identity farming operation on the…
Fintech thrives on innovation, but cybersecurity requires a proactive approach. AI, predictive intelligence, and tailored strategies safeguard against risks, ensuring…
According to HackerOne’s 8th Annual Hacker-Powered Security Report, XSS is the number one most common vulnerability for bug bounty and…
Our first post in the series introduced the concept of federated learning—an approach for training AI models on distributed data…
Occasionaly I decompile Python code, with decompilers written in Python. Recently I discovered Decompyle++, a Python disassembler & decompiler written…
Last updated at Mon, 23 Dec 2024 13:49:32 GMT Now that we’ve reached the end of another year, you may…
The US government launched a national security investigation into the popular, Chinese-owned router maker TP-Link, with a potential eye on…
We Live Science The first Canadian to walk in space dives deep into the origins of space debris, how it’s…
This post is authored by Heimdal’s Cybersecurity Architect and Technical Product Marketing Manager Andrei Hinodache. You may know him as…
The State Department’s center for fighting global disinformation received a lump of coal in its Christmas stocking this week as…
On the eve of Christmas 2024, many Americans will be traveling to visit loved ones and attend church services to…
In the Internet of Things (IoT) sector, 2025 is shaping up to be a politically charged year. Major global jurisdictions…
Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within…
In the dynamic landscape of Operational Technology (OT), robust cybersecurity measures are paramount. As the digital transformation accelerates, protecting critical…
ZDNET’s key takeaways With plans as low as $120 for three years, TunnelBear is an affordable VPN with a free…
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code Pierluigi Paganini December 24, 2024 Adobe released…
European Space Agency’s official web shop was hacked as it started to load a piece of JavaScript code that generates…
Geräte mit Sicherheitslücken dürfen nicht auf den Markt kommen „Schadsoftware auf internetfähigen Produkten ist leider kein seltenes Phänomen“, warnt BSI-Präsidentin…
US and Japanese authorities have attributed a major cryptocurrency heist worth $308m to North Korean hackers. An alert from the…
Before it was subsumed by political commentary, the Cybersecurity and Infrastructure Security Agency (CISA) was a Trump accomplishment — signed…
Dec 24, 2024Ravie LakshmananCybercrime / Malware Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million…
The shift to AI-integrated software development isn’t just a trend; it’s a fundamental change that’s reshaping industries and redefining the…
Introduction Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We’re shedding light on a previously undocumented toolset,…
The new year always kicks off with a flood of prediction articles; then, 12 months later, our newsfeed is filled…
Posted by Seth Jenkins, Project Zero For a fair amount of time, null-deref bugs were a highly exploitable kernel bug…
Posted by David Adrian, David Benjamin, Bob Beck & Devon O’Brien, Chrome Team We previously posted about experimenting with a…
Cybersecurity budgets aren’t growing—at least not in line with the demands of IT resources. That’s nothing new, though; security teams…
As organizations embrace DevOps practices and CI/CD pipelines to accelerate software delivery, their greater dependency on third-party components can introduce…
Cisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in…
For the latest discoveries in cyber research for the week of 23rd December, please download our Threat Intelligence Bulletin. TOP…
Threat actors using tools linked to China-based APT groups have targeted multiple high-profile organizations in Southeast Asia, including government ministries…
In the ever-evolving landscape of digital security, the adage “patch or perish” encapsulates a stark reality. The timely application of…
December 2023 Windows Updates brought a patch for CVE-2023-35628, a memory corruption vulnerability that could potentially lead to remote code…
A series of critical vulnerabilities affecting the widely used WPLMS and VibeBP plugins for WordPress have been identified by security…
Explore how Ethereum revolutionizes industries with smart contracts, DeFi, NFTs, gaming, DAOs, and sustainability, shaping the future of business innovation…
Malware continued to lead the Attack Techniques chart with 21.5% slightly down from 22.7%. Events driven by ransomware were stable…
When Saskia joined the tech world, she didn’t follow the conventional path of computer science degrees or coding boot camps.…
At the end of an unmarked path on a tiny island at the edge of Stockholm’s extensive Baltic Sea archipelago…
It’s been four years since the release of The NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk…
My last investigation is a file called “Albertsons_payment.GZ”, received via email. The file looks like an archive but is identified…
Last updated at Fri, 20 Dec 2024 16:50:38 GMT This quarter at Rapid7 we continued to make investments across our…
More and more, threat actors are leveraging the browser to deliver malware in ways that can evade detection from antivirus…
ESET Research Take a peek into the murky world of cybercrime where groups of scammers who go by the nickname…
Organizations of all sizes rely on tools like Action1 to manage software updates and security patches. However, Action1 is not…