The APT37 threat group uses a new evasive ‘M2RAT’ malware and steganography to target individuals for intelligence collection. APT37, also known as ‘RedEyes’ or ‘ScarCruft,’ is...
The LastPass security breach in late 2022 sent a shockwave through the security community. Password managers are typically seen as the most secure and trusted platforms because they...
A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. Code signing certificates...
Belgium has become the first European country to adopt a national, comprehensive safe harbor framework for ethical hackers, according to the country’s cybersecurity agency. The Centre...
Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra’s GoAnywhere MFT secure file transfer platform....
While we continue to wait for the long-awaited password-less future to arrive, individuals and enterprises are still stuck with the problem of how to manage their...
KeePass has become the latest password manager utility obliged to defend its reputation following the discovery of an alleged vulnerability. Security researchers warned that it might be possible to...
Detectify founder Frans Rosén has topped PortSwigger’s top 10 web hacking techniques of 2022 with ‘Account hijacking using dirty dancing in sign-in OAuth-flows’. Published in July, the...
Researchers have disclosed a raft of serious document management system (DMS) vulnerabilities impacting four enterprise vendors who have not yet resolved the issues. In a blog post published...
Denis Mihaqlovic Dubnikov used cryptocurrencies to attempt to hide his involvement in ransomware attacks on foreign and domestic companies. The Department of Justice successfully brought charges...