Nearly all keyboard apps that allow users to enter Chinese characters into their Android, iOS, or other mobile devices are vulnerable to attacks that...
Cybersecurity is constantly evolving and, as such, requires regular vigilance.Microsoft analyzes more than 78 trillion security signals every day to better understand the latest...
If history has anything to tell us, the most significant cyber threat to this year's elections won't be a leak, a distributed denial-of-service (DDoS)...
A state-sponsored threat actor has exploited two Cisco zero-day vulnerabilities in firewall devices to target the perimeter of government networks with two custom-built backdoors,...
COMMENTARYIn an earlier article, I covered what the Securities and Exchange Commission's (SEC) SolarWinds' indictments and four-day rule mean for DevSecOps. Today, let's ask a different...
An adversary doesn't need sophisticated technical skills to execute a broad software supply chain attack like the ones experienced by SolarWinds and CodeCov. Sometimes,...
North Korea's premiere advanced persistent threats (APTs) have been quietly spying on South Korean defense contractors for at least a year and a half,...
Remember that guy in the
trench coat, fedora pulled low, whispering sweet nothings about Nigerian
princes in your inbox? Those days are quaint, relics of a...
An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the...
COMMENTARYWaterfall Security Solutions, in collaboration with ICS Strive, recently released its "2024 Threat Report." The bad news is that, in 2023, there were 68 cyberattacks that...
Virtual file transfer system provider CrushFTP and various security researchers are sounding the alarm about a sandbox escape flaw in the CrushFTP server that...