SWEEPS Educational Initiative Offers Application Security Training
The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California…
WhatsApp: NSO Group Operates Pegasus Spyware for Customers
Freshly released court documents reveal new details on controversial Israeli spyware firm's operations.
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client…
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). [...]
Illegal Crypto Mining: How Businesses Can Prevent Themselves From Being ‘Cryptojacked’
The popularity of cryptocurrencies like Ethereum and Bitcoin surged during the pandemic era. What began as a niche, almost novelty…
NSO Group used another WhatsApp zero-day after being sued, court docs say
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities…
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS…
The Future of Cybersecurity: Predictions for 2025 and Beyond
by Gary S. Miliefsky, CISSP, fmDHS As the publisher of Cyber Defense Magazine, I have a great honor and pleasure…
Lessons From OSC&R on Protecting the Software Supply Chain
A new report from the Open Software Supply Chain Attack Reference (OSC&R) team provides a framework to reduce how much…
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more…