News
-
Five Charged in Scattered Spider Case
Five men have been indicted in connection with crimes committed by the Scattered Spider group Read More
-
Stories from the SOC: Registry Clues to PDF Blues: A Tale of PUA Persistence
Executive Summary Establishing persistence on a system allows a threat actor continued access or process execution across system restarts or other changes. For this reason, monitoring for and investigating persistence indicators are key components of any robust cybersecurity platform. Two common persistence techniques are using AutoStart Execution of programs during system boot or logon (T1547)…
-
Smashing Security podcast #394: Digital arrest scams and stream-jacking
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under “digital arrest”, how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the tables on fraudsters through deepfake AI. All this and much more is discussed in the…
-
Five Privilege Escalation Flaws Found in Ubuntu needrestart
Five LPE flaws in Ubuntu’s needrestart utility enable attackers to gain root access in versions prior to 3.8 Read More
-
60% of Emails with QR Codes Classified as Spam or Malicious
60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters Read More
-
Steve Bellovin’s Retirement Talk
Steve Bellovin is retiring. Here’s his retirement talk, reflecting on his career and what the cybersecurity field needs next. Read More
-
Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative
CrowdStrike unveiled a new Chinese-aligned hacking group allegedly spying on telecom providers Read More
-
Enhancing Cyber Resilience in US SLED Organizations
2024 Cyber Resilience Research Unveils US SLED Sector Challenges New data illuminates how US SLED leaders can prioritize resilience. US SLED (State, Local, and Higher Education) organizations find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks…
-
Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities
Apple has urged customers to download the security updates, which address vulnerabilities relating to the JavaScriptCore and WebKit frameworks Read More
-
OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs
OWASP has updated its Top 10 list of risks for LLMs and GenAI, upgrading several areas and introducing new categories Read More