Lessons From OSC&R on Protecting the Software Supply Chain
A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much…
Guarding the Games: Cybersecurity and the 2024 Summer Olympics
As Paris prepares to host the 2024 Summer Olympic Games, athletes from around the world converge to represent their country.…
Frenos Takes Home the Prize at 2024 DataTribe Challenge
Frenos offers a zero-impact, continuous security assessment platform for operational technology environments.
Fraud network uses 4,700 fake shopping sites to steal credit cards
A financially motivated Chinese threat actor dubbed "SilkSpecter" is using thousands of fake online stores to steal the payment card…
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited…
New Glove infostealer malware bypasses Chrome’s cookie encryption
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies. [...]
ChatGPT allows access to underlying sandbox OS, “playbook” data
OpenAI's containerized ChatGPT environment is open to limited yet extensive access to core instructions while allowing arbitrary file uploads and…
Hamas Hackers Spy on Mideast Gov’ts, Disrupt Israel
APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending…
Critical bug in EoL D-Link NAS devices now exploited in attacks
Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached…
5 Essential Features of an Effective Malware Sandbox
Malware sandboxes offer a safe and controlled environment to analyze potentially harmful software and URLs. However, not all sandboxes incorporate…