Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack…
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these…
An Analysis of the EU’s Cyber Resilience Act
A good—long, complex—analysis of the EU’s new Cyber Resilience Act. A good—long, complex—analysis of the EU’s new Cyber Resilience Act.…
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting,…
‘SloppyLemming’ APT Abuses Cloudflare Service in Pakistan Attacks
Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to…
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a “handful” of U.S. internet service providers (ISPs) as part of a…
CrowdStrike Offers Mea Culpa to House Committee
The company said the rogue update that caused disruptions on a global scale resulted from a “perfect storm” of issues.…
China’s ‘Salt Typhoon’ Cooks Up Cyberattacks on US ISPs
The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a…