Billions of Android Devices Open to ‘Dirty Stream’ Attack
Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have…
DPRK’s Kimsuky APT Abuses Weak DMARC Policies, Feds Warn
Organizations can go a long way toward preventing spoofing attacks by changing one basic parameter in their DNS settings.
Software Security: Too Little Vendor Accountability, Experts Say
Actual legislation is a long shot and a decade away, but policy experts are looking to jump-start the conversation around…
‘DuneQuixote’ Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?
A recent campaign targeting Middle Eastern government organizations plays standard detection tools like a fiddle. With cyberattackers getting more creative,…
Private Internet Search Is Still Finding Its Way
The quest to keep data private while still being able to search may soon be within reach, with different companies…
UnitedHealth Congressional Testimony Reveals Rampant Security Fails
The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for…
Verizon DBIR: Basic Security Gaffes Underpin Bumper Crop of Breaches
MOVEit drove a big chunk of the increase, but human vulnerability to social engineering and failure to patch known bugs…
Attackers Planted Millions of Imageless Repositories on Docker Hub
The purported metadata for each these containers had embedded links to malicious files.
Canadian Drug Chain in Temporary Lockdown Mode After Cyber Incident
London Drugs offered no details about the nature of the incident, nor when its pharmacies would be functioning normally again.
To Damage OT Systems, Hackers Tap USBs, Old Bugs & Malware
USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps.