‘Lyceum’ Threat Group Broadens Focus to ISPs
New report suggests attacker is targeting trusted supply chain companies in order to compromise large numbers of downstream customers.
Google Open Sources ClusterFuzzLite
ClusterFuzzLite is a stripped-down version of continuous fuzzing tool ClusterFuzz that integrates CI tools.
Windows 10 App Installer abused in BazarLoader malware attacks
The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems…
Sophisticated Android spyware PhoneSpy infected thousands of Korean phones
South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of […] The…
What Happens If Time Gets Hacked
Renowned hardware security expert raises alarm on the risk and dangers of cyberattackers targeting the current time-synchronization infrastructure.
Third-Party Software Risks Grow, but So Do Solutions
Enterprises are more dependent than ever on open source software and need to manage the risk posed by vulnerabilities in…
Insider IP Theft Is Surging — and Most Can’t Stop It
The Great Resignation is upon us, and insider IP theft is surging as a result. But it is a solvable…
Should Our Security Controls Be More Like North Korea or Norway?
When the drive for additional visibility and awareness is led by the business rather than just a SOC team, both…
New Application Security Toolkit Uncovers Dependency Confusion Attacks
The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally…
Firms Will Struggle to Secure Extended Attack Surface in 2022
Companies are relying more heavily on third parties, remote employees, and partners, expanding their attack surface area beyond traditional boundaries.