Endpoint Security
A researcher from the Ben-Gurion University of the Negev in Israel has published a paper describing a method that can be used to silently...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
Supply Chain Security
Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.
Malware & Threats
A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.
Application Security
Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
Government
The US government's cybersecurity agency describes UEFI as "critical attack surface" that requires urgent security attention.
Funding/M&A
Endor Labs has closed a massive $70 million Series A round of financing to fuel ambitious plans to build a dependency lifecycle management platform.
Application Security
Remote code execution vulnerability fixed in GitLab Community Edition (CE) and Enterprise Edition (EE) updates.
Cybercrime
Website security firm Sucuri is warning of an increase in fake distributed denial-of-service (DDoS) protection notifications that lead to the delivery of malware.DDoS protection...
Management & Strategy
A cybersecurity analysis of hundreds of media industry vendors showed that many companies are slow to patch critical vulnerabilities, according to MDR and third-party...
Malware & Threats
Secureworks security researchers have analyzed ‘DarkTortilla’, a .NET-based crypter used to deliver both popular malware and targeted payloads.
Cybercrime
Dark web intelligence firm Cyble reports seeing an increase in cyberattacks targeting virtual network computing (VNC).The VNC graphical desktop-sharing system relies on the Remote...
Cybercrime
China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS...
Supply Chain Security
A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.
Application Security
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
Cybercrime
Cybercriminals breached Cisco Systems and stole non-sensitive dataProfit-driven cybercriminals breached Cisco systems in May and stole gigabytes of information, but the networking giant says...
Black Hat
LAS VEGAS – The security industry makes its annual pilgrimage to the hot Sonoran desert this week for skills training, hacking demos, research presentations...
Application Security
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that...
Mobile & Wireless
Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.
Funding/M&A
Cybersecurity Funding
Vulnerabilities
