The India-linked threat actor tracked as Patchwork was observed employing a new variant of the BADNEWS backdoor in a recent campaign, but the hackers also infected one of their own computers, giving researchers a glimpse into their operations.
The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point.
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code execution attacks.
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse.
French video game company Ubisoft this week confirmed that ‘Just Dance’ user data was compromised in a recent cybersecurity incident.
The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party.
Poland on Tuesday rejected accusations that it had used Pegasus spying software for political ends after a top lawyer opposed to the current government said he had been targeted.
The aggressive cellphone break-ins of a high-profile lawyer representing top Polish opposition figures came in the final weeks of pivotal 2019 parliamentary elections. Two years later, a prosecutor challenging attempts by the populist right-wing government to purge the judiciary had her smartphone hacked.
The Federal Bureau of Investigation (FBI) has released an alert regarding the exploitation of a recent vulnerability in Zoho’s ManageEngine Desktop Central product.
The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation efforts.
Privacy Settings
This website uses cookies to improve your experience while you navigate through the website.
