Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking…
North Korean hackers exploit VPN update flaw to install malware
South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to…
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware.…
It Is Time for Smart Cyber Requirements for the Water Sector
Since 2021, the Biden Administration has been consistently talking about the limitations of a purely voluntary approach to cybersecurity for…
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and…
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Data thieves heisted the HSA provider's data repository for 4.5 million people's HR information, including employer and dependents intel.
The Other Lesson from the XZ Utils Supply-Chain Attack
“The best supply chain attack execution ever seen” might sound like yet another hyperbole designed to attract attention, except in…
Artificial Intelligence in 2024
Major Cyber Threats Powered by AI Many have embraced artificial intelligence as a new paradigm, with some even going so…
Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices…
Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs
The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every…