The API Security Crisis: Why Your Company Could Be Next
You're only as strong as your weakest security link.
Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations
Cybersecurity startup LeakSignal, a finalists in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is…
New LianSpy malware hides by blocking Android security feature
A previously undocumented Android malware named 'LightSpy' has been discovered targeting Russian users, posing on phones as an Alipay app…
Cryptonator seized for laundering ransom payments, stolen crypto
U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces,…
Twilio kills off Authy for desktop, forcibly logs out all users
Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application. [...]
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call 'BingoMod' can wipe devices after successfully stealing money from the victims' bank accounts using…
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal…
Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome now comes with better cookie protection on Windows systems, with the addition of app-bound encryption, which improves defenses…
The Other Lesson from the XZ Utils Supply-Chain Attack
“The best supply chain attack execution ever seen” might sound like yet another hyperbole designed to attract attention, except in…
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool…