A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack.
Lucian Constantin |
06 Feb |
Read more
New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.
Lucian Constantin |
29 Jan |
Read more
The three individuals arrested represent only a small portion of the Magecart web-skimming group, but the investigation is ongoing.
Lucian Constantin |
28 Jan |
Read more
The six high-risk vulnerabilities result from hard-coded or no credentials in remote access software and the use of outdated applications.
Lucian Constantin |
24 Jan |
Read more
Software that writes more data to a memory buffer than it can hold creates vulnerabilities that attackers can exploit.
Lucian Constantin |
23 Jan |
Read more
The WireGuard VPN offers better performance and a simpler, effective approach to cryptography. Is it ready for the enterprise?
Lucian Constantin |
24 Dec |
Read more
The attackers customised the Magecart code to the Macy's website to steal credit card information in the wallet and new registrations.
Lucian Constantin |
19 Dec |
Read more
Researchers have recently detected an advanced persistent threat campaign that targets critical infrastructure equipment manufacturers.
Lucian Constantin |
18 Dec |
Read more
By manipulating the voltage of Intel CPUs that use SGX, researchers can extract sensitive data, including full RSA encryption keys.
Lucian Constantin |
11 Dec |
Read more
This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.
Lucian Constantin |
11 Dec |
Read more
By taking code from another Android Trojan, Anubis, the Ginp malware has enhanced itself and has begun targeting banks.
Lucian Constantin |
21 Nov |
Read more
The newly discovered Pipka script can delete itself from a website after execution, making it very difficult to detect.
Lucian Constantin |
15 Nov |
Read more
Many phishing websites are now using unique user IDs, giving defenders a signal to detect phishing attacks before they do much damage.
Lucian Constantin |
07 Nov |
Read more
The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder form them to use credential stuffing.
Lucian Constantin |
30 Oct |
Read more
Attackers are reportedly exploiting an unpatched vulnerability to take control of Android devices and potentially deliver spyware.
Lucian Constantin |
05 Oct |
Read more