Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat.
Cyber News, Cyber Threat Trends
Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.
Cyber News, Cyber Threat TrendsA cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam
Cyber News, Cyber Threat TrendsA cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam
Cyber News, Cyber Threat Trends
Joe Sullivan’s lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.
Cyber News, Cyber Threat TrendsA cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam
Cyber News, Cyber Threat TrendsThis is a fun challenge: The NIST elliptic curves that power much of modern cryptography were generated in the late ’90s by hashing seeds provided by the NSA. How were the seeds generated? Rumor has it that they are in turn hashes of English sentences, but the person who picked them, Dr. Jerry Solinas, passed […]
Cyber News, Cyber Threat Trends
The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. “The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value,” […]
Cyber News, Cyber Threat Trends
Progress Software could be staring at fresh litigations over the explosive zero-day found in its file transfer service, MOVEit, which affected millions of end users globally. The latest probe comes from the US Security and Exchange Commission (SEC), which is seeking information related to the mass hack. “On October 2, 2023, Progress received a subpoena […]
Cyber News, Cyber Threat Trends