IBM Cloud Supply Chain Vulnerability Showcases New Threat Class
The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
Hyundai app bugs allowed hackers to remotely unlock, start cars
Vulnerabilities in mobile apps exposed Hyundai and Genesis car models after 2012 to remote attacks that allowed unlocking and even…
TikTok ‘Invisible Body’ challenge exploited to push malware
Hackers are capitalizing on a trending TikTok challenge named 'Invisible Challenge' to install malware on thousands of devices and steal…
New Windows Server updates cause domain controller freezes, restarts
Microsoft is investigating LSASS memory leaks (caused by Windows Server updates released during the November Patch Tuesday) that might lead to…
New ransomware encrypts files, then steals your Discord account
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the…
The Next Generation of Supply Chain Attacks Is Here to Stay
With the proliferation of interconnected third-party applications, new strategies are needed to close the security gap.
Researchers Quietly Cracked Zeppelin Ransomware Keys
Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in…
Phishing kit impersonates well-known brands to target US shoppers
A sophisticated phishing kit has been targeting North Americans since mid-September, using lures focused on holidays like Labor Day and…
Web3, Good Hygiene, and the Need for End-to-End Security
By Professor Ronghui Gu, CEO, CertiK Having a smart contract audit is a lot like washing your hands– […] The…
Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday
Long-awaited security fixes for ProxyNotShell and Mark of the Web bypasses are part of a glut of actively exploited zero-day…