Ryan Naraine

EasyDMARC lands venture capital funding after finding traction in the email security and authentication business.

Apple said there's “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. 

Operant AI, a startup specializing in runtime protection for cloud applications, APIs, and AI systems, secures new $10 million investment.

“It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion."

Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.

Patch Tuesday: Adobe releases patches for 28 security vulnerabilities and warned of code execution risks on Windows and macOS platforms.

Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.

A secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.

Microsoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS).

The US oil giant updated an SEC filing to confirm malicious hackers “accessed and exfiltrated information” from its corporate systems.

Redmond's threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain.

Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia's APT29 and commercial spyware vendors.

Lea Kissner replaces Geoff Belknap as Chief Information Security Officer (CISO) at Microsoft-owned LinkedIn.

Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers.

Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.

More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.

GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.

A significant backdoor in contactless cards made by China-based Shanghai Fudan Microelectronics allows instantaneous cloning of RFID cards used to open office doors and...

The vulnerability, tracked as CVE-2024-38193 and marked as ‘actively exploited’ by Microsoft, allows SYSTEM privileges on the latest Windows operating systems.