Malware & Threats
Secureworks security researchers have analyzed ‘DarkTortilla’, a .NET-based crypter used to deliver both popular malware and targeted payloads.
Hi, what are you looking for?
SecurityWeek
Nation-State
The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.
Cyberwarfare
As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of...
Funding/M&A
The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion.
Cybersecurity Funding
The funding round brings the total amount raised by the NetRise to roughly $25 million.
Cybercrime
Dark web intelligence firm Cyble reports seeing an increase in cyberattacks targeting virtual network computing (VNC).The VNC graphical desktop-sharing system relies on the Remote...
Cybercrime
China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS...
Supply Chain Security
A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.
Application Security
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
Cybercrime
Cybercriminals breached Cisco Systems and stole non-sensitive dataProfit-driven cybercriminals breached Cisco systems in May and stole gigabytes of information, but the networking giant says...
Black Hat
LAS VEGAS – The security industry makes its annual pilgrimage to the hot Sonoran desert this week for skills training, hacking demos, research presentations...
Application Security
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that...
Malware & Threats
Google-owned malware analysis service VirusTotal has published a report showing how threat actors abuse trust to bypass defenses and deliver their malware.According to data...
Cyberwarfare
Over the past year, North Korean advanced persistent threat (APT) actor Kimsuky has been observed using a browser extension to steal content from victims’...
Cybercrime
Mailing and printing services vendor OneTouchPoint has disclosed a data breach impacting more than 30 healthcare providers and health insurance carriers.Headquartered in Hartland, Wisconsin,...
Cybersecurity Funding
Global markets have suffered following the first Covid-19 pandemic and the Russian invasion of Ukraine – but sales of cybersecurity software have remained strong....
Supply Chain Security
Security researchers with NCC Group have documented 11 vulnerabilities impacting Nuki smart lock products, including issues that could allow attackers to open doors.Nuki offers...
Supply Chain Security
Vulnerabilities affecting a mobile device management (MDM) product from FileWave exposed many organizations to remote attacks, according to industrial cybersecurity firm Claroty.
Supply Chain Security
Oracle on Tuesday announced that a total of 349 new security patches have been released as part of its July 2022 Critical Patch Update...
Application Security
Managed detection and response (MDR) platform provider Huntress has shelled out $22 million to acquire Curricula, a startup in the growing security awareness business.Huntress,...
Application Security
A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China's reported mandates around early vulnerability disclosure, warning...
Application Security
Security researchers at Checkmarx are warning of a new supply chain attack technique that relies on spoofed commit metadata to add legitimacy to malicious...
Application Security
Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be...
Supply Chain Security
German software maker SAP on Tuesday announced the release of 20 new security notes and three updates to previous security notes as part of...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
(Stu Sjouwerman)
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)