Mustang Panda Feeds Worm-Driven USB Attack Strategy
A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing…
Dark Reading Confidential: Pen Test Arrests, Five Years Later
Episode 3: On September 11, 2019, two cybersecurity professionals were arrested in Dallas County, Iowa and forced to spend the…
Platform Engineering Is Security Engineering
For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about…
Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia
A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as…
New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the “audio gap” and exfiltrating…
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these…
New Chrome Zero-Day
According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency. According to Microsoft…
Gallup Poll Bugs Open Door to Election Misinformation
Researchers flagged a pair of Gallup polling site XSS vulnerabilities that could have allowed malicious actors to execute arbitrary code,…