Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.
Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.
To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.
New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.
The Government of Canada announced its intention to ban the use of Huawei and ZTE telecommunications equipment and services across the country's 5G and 4G networks.
The Government of Canada has serious concerns about suppliers such as Huawei and ZTE who could be compelled to comply with extrajudicial directions from foreign governments in ways that would conflict with Canadian laws or would be detrimental to Canadian interests.
Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.
The Russia-linked ransomware gang demanded $20 million in ransom — and the overthrow of Costa Rica's elected government. Where does that leave smaller, equally vulnerable nation states?
The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries.
Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.
This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...
The following is a closer look at one of the most active Pro-Russian ‘hacktivist’ groups currently operating during the Ukraine-Russia war…
The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco
Parmigiano Reggiano has used tracking codes for two decades, but now they are going high tech.
Décisions, communications et avis du Conseil fédéral. Les décisions prises par le Conseil fédéral lors de sa séance hebdomadaire sont publiées ici.
The data could be a potential first step to identifying the users of a specific app in a post-abortion rights America.
On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in the Jupiter and JupiterX Premium themes and the required JupiterX Core companion plugin for WordPress, which included a critical privilege escalation vulnerability that allowed any user to become an administrator. The plugin developers quickly replied ...Read More
Research is largely theoretical but exposes an overlooked security issue.
Information about 0-days exploited in-the-wild!
Le dernier correctif de Microsoft relatif à la faille CVE-2022-26925 pour forcer l'authentification à un contrôleur de domaine via le protocole NTML ne met pas un terme aux exploits de vulnérabilités PetitPotam. Les entreprises ont surtout intérêt à adopter de meilleures pratiques et paramétrer correctement leurs pare-feux.
Numerosi rapporti ci suggeriscono che gli attacchi basati su codici malevoli rappresentano la maggioranza delle offensive cui osserviamo, tra esse la fanno da padrona i ransomware e gli info-stealer, questi ultimi sono malware concepiti per rubare un gran numero di informazioni dai sistemi infetti. Premesso ciò, chiediamoci quale sia la disponibilità sul mercato criminale di questi strumenti, quali siano i costi ed il modello di vendita.
