New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.
The Government of Canada announced its intention to ban the use of Huawei and ZTE telecommunications equipment and services across the country's 5G and 4G networks.
The Government of Canada has serious concerns about suppliers such as Huawei and ZTE who could be compelled to comply with extrajudicial directions from foreign governments in ways that would conflict with Canadian laws or would be detrimental to Canadian interests.
The Russia-linked ransomware gang demanded $20 million in ransom — and the overthrow of Costa Rica's elected government. Where does that leave smaller, equally vulnerable nation states?
The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries.
Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.
This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...
The following is a closer look at one of the most active Pro-Russian ‘hacktivist’ groups currently operating during the Ukraine-Russia war…
The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco
Parmigiano Reggiano has used tracking codes for two decades, but now they are going high tech.
The data could be a potential first step to identifying the users of a specific app in a post-abortion rights America.
On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in the Jupiter and JupiterX Premium themes and the required JupiterX Core companion plugin for WordPress, which included a critical privilege escalation vulnerability that allowed any user to become an administrator. The plugin developers quickly replied ...Read More
Research is largely theoretical but exposes an overlooked security issue.
Information about 0-days exploited in-the-wild!
A new study by Juniper Research has found operators will generate $27 billion from the termination of SMS messages related to multi-factor authentication in 2022; an increase from $25 billion in 2021. The research predicts this 5% growth will be driven by increased pressure on digital service providers to offer secure authentication that reduces risk of data breaches and protects user identity. Multi-factor authentication combines multiple credentials to verify a user or transaction. This includes sending an SMS that contains a one‑time password or code to a user’s unique phone number.
Tracking, marketing, and analytics firms have been exfiltrating the email addresses of internet users from web forms prior to submission and without user consent, according to security researchers.
Web users enter their email addresses into online forms for a variety of reasons, including signing in or signing up for a service or subscribing to a newsletter. While enabling such functionality, email addresses typed into forms can also be collected by third-party scripts even when users change their minds and leave the site without submitting the form.
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals.
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Rules for industries and governments aim to prevent all-out cyber breakdown.
The Linux Foundation and the Open Source Software Security Foundation (OpenSSF) brought together over 90 executives from 37 companies and...
