Whitepapers | Cybersecurity News, Insights and Analysis

Can Tech Visionary Elon Musk Spur Cybersecurity Innovation at Twitter?

LATEST SECURITY NEWS HEADLINES

Nikkei Says Customer Data Likely Impacted in Ransomware Attack

New Brute Force Attacks Against SQL Servers Use PowerShell Wrapper

DoJ Will No Longer Use CFAA to Charge Ethical Hackers

Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies

Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines

NEWS & INDUSTRY UPDATES

GitHub Confirms Another Major NPM Security Defect

Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. [Read More]

SolarWinds Outlines 'Triple Build' Software Development Model to Secure Supply Chain

SolarWinds describes a new triple build model designed to ensure that software builds can never again be compromised in the way that Nobelium injected the Sunburst malware into its Orion software. [Read More]

Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API

Mozilla says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web requests. [Read More]

Endpoint Security Platform Kolide Banks $17 Million Investment

Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]

CISA, FBI Warn of Increase in Ransomware Attacks on Holidays

The two agencies warn of a noticeable increase in ransomware attacks on holidays and weekends, when offices are closed. [Read More]

New iOS Zero-Click Exploit Defeats Apple 'BlastDoor' Sandbox

The University of Toronto's Citizen Lab finds a new iOS zero-click exploit in an iPhone surveillance campaign targeting bloggers, activists and dissidents in Bahrain. [Read More]

Report: Iranian APT Hexane Targets Israeli Companies

A report from ClearSky documents a threat actor has been targeting multiple organizations in Israel using supply chain tools and impersonating known companies. [Read More]

Microsoft Confirms 'PrintNightmare' is New Windows Security Flaw

Microsoft confirms a new unpatched Windows Print Spooler security vulnerability is major code execution threat. [Read More]

Windows Admins Scrambling to Contain 'PrintNightmare' Flaw Exposure

Demo exploit code for a nasty Windows Print Spooler vulnerability is published online, prompting questions about the effectiveness of Microsoft's recent security update. [Read More]

Google Confirms Sixth Zero-Day Chrome Attack in 2021

For the sixth time this year, Google ships Chrome point-update to fix code execution holes that the company says is already being exploited by malicious hackers. [Read More]