Network mistakes, misconfigurations cost companies millionsNetwork misconfigurations cost companies an average of 9% of annual revenues, according to a study released Wednesday by a network security...
What the Zola Hack Can Teach Us About Password Security
What the Zola Hack Can Teach Us About Password SecurityPassword security is only as strong as the password itself. Unfortunately, we are often reminded of the...
Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector
Conti Cybercrime Cartel Using 'BazarCall' Phishing Attacks as Initial Attack VectorA trio of offshoots from the notorious Conti cybercrime cartel have resorted to the technique of...
Black Hat 2022 Trip Report
Black Hat 2022 Trip Report It felt like I had stepped out of a time machine and it was 2019. I was walking about a mile...
Fast and Secure VPN on a Budget? Private Internet Access VPN Has You Covered
Fast and Secure VPN on a Budget? Private Internet Access VPN Has You CoveredBack when the internet consisted of a handful of computers networked together across...
Facebook Testing Default End-to-End Encryption and Encrypted Backup in Messenger
Facebook Testing Default End-to-End Encryption and Encrypted Backup in MessengerSocial media company Meta said it will begin testing end-to-end encryption (E2EE) on its Messenger platform this...
#BHUSA: New Open Source Group Set to Streamline Threat Detection
#BHUSA: New Open Source Group Set to Streamline Threat DetectionNew open source project set to reduce operational pain for SecOps analystsLeer másNew open source project set...
Top cybersecurity products unveiled at Black Hat 2022
Top cybersecurity products unveiled at Black Hat 2022Zero trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings...
What is a Zero Trust Environment? | HYPR
What is a Zero Trust Environment? | HYPR Cybersecurity is as guilty as any other industry when it comes to buzzwords, and one of the most...
Supply Chain Cybersecurity – the importance of everyone
Supply Chain Cybersecurity – the importance of everyoneThis week, I spoke with a new client who told me all about how they are looking forward to...
#BHUSA: Russia’s Wiper Attacks Against Ukraine Detailed
#BHUSA: Russia's Wiper Attacks Against Ukraine DetailedAccording to researchers, Russia is rolling out a growing list of wiper attacks against UkraineLeer másAccording to researchers, Russia is...
Cisco Confirms Network Breach Via Hacked Employee Google Account
Cisco Confirms Network Breach Via Hacked Employee Google AccountNetworking giant says attackers gained initial access to an employee’s VPN client via a compromised Google account.Leer másThreatpostNetworking...
FAANGs failing on keeping user data safe from bug hunters
FAANGs failing on keeping user data safe from bug huntersTime to call in the legal team Black Hat Dylan Ayrey, a bug hunter and CEO of...
New Hacker Forum Takes Pro-Ukraine Stance
New Hacker Forum Takes Pro-Ukraine StanceA uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and BelarusLeer másThreatpostA uniquely politically motivated...
#BHUSA: The Cyber Safety Review Board Outlines Log4j Lessons
#BHUSA: The Cyber Safety Review Board Outlines Log4j LessonsThe CSRB concluded that the initial disclosure on Log4j was done right, but there is still much to...
Starlink Successfully Hacked Using $25 Modchip
Starlink Successfully Hacked Using $25 ModchipBelgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for...
An eighties classic – Zero Trust
An eighties classic – Zero TrustA deep-dive in Zero-trust, to help you navigate in a zero-trust world and further secure your organization. The post An eighties...
Palo Alto Networks warns of Reflected Amplification DoS issue in PAN-OS
Palo Alto Networks warns of Reflected Amplification DoS issue in PAN-OSPalo Alto Networks devices running the PAN-OS are abused to launch reflected amplification denial-of-service (DoS) attacks....
BazarCall attacks have revolutionized ransomware operations
BazarCall attacks have revolutionized ransomware operationsThe Conti ransomware gang is using BazarCall phishing attacks as an initial attack vector to access targeted networks. BazarCall attack, aka...
Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration Suite
Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration SuiteThreat actors are exploiting an authentication bypass Zimbra flaw, tracked as CVE-2022-27925, to hack Zimbra Collaboration Suite...
Cisco Confirms Cyberattack
Cisco Confirms CyberattackCisco has confirmed that the Yanluowang ransomware gang infiltrated their corporate network in May and that the attacker attempted to extort money from them...
UK NHS Hit with Ransomware Attack
UK NHS Hit with Ransomware AttackThere are concerns that patient data may have been the target of a ransomware attack on a software supplier that affected...
Cisco Hacked by Yanluowang: Detect Relevant Malicious Activity With Sigma Rules Kit
Cisco Hacked by Yanluowang: Detect Relevant Malicious Activity With Sigma Rules Kit On August 10, 2022, Cisco officially confirmed its corporate network hack by the Yanluowang...
NFTS Are Cool but Dangerous
NFTS Are Cool but DangerousBy Guy Rosefelt, CPO, Sangfor Technologies NFTs have become very popular with collectors and are more ubiquitous every […] The post NFTS...
Chinese criminals scam kids desperate to play games for more than three hours a week
Chinese criminals scam kids desperate to play games for more than three hours a weekScammers are stealing money from children, with the alluring but bogus promise...
Hacking Starlink
Hacking StarlinkThis is the first—of many, I assume—hack of Starlink. Leveraging a string of vulnerabilities, attackers can access the Starlink system and run custom code on...
It Might Be Our Data, But It’s Not Our Breach
It Might Be Our Data, But It’s Not Our Breach Image: Shutterstock. A cybersecurity firm says it has intercepted a large, unique stolen data set containing...
Google now blocks Workspace account hijacking attempts automatically
Google now blocks Workspace account hijacking attempts automaticallyGoogle Workspace (formerly G Suite) now comes with stronger protections for risky account actions, automatically blocking hijacking attempts with identity...
The Application of Cybersecurity for IoT Capabilities to Real-World Scenarios
The Application of Cybersecurity for IoT Capabilities to Real-World ScenariosNIST has a history of collaboration between its programs, which helps maximize project impacts and practicality to...
Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
Phishing attack abuses Microsoft Azure, Google Sites to steal cryptoA new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and...