China’s Evasive Panda Attacks ISP to Send Malicious Software Updates
The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data…
Critical Apache OfBiz Vulnerability Allows Preauth RCE
The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale…
Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations
Cybersecurity startup LeakSignal, a finalists in this year’s Black Hat USA Startup Spotlight competition, helps organizations see where data is…
Startup Spotlight: Knostic Tackles AI’s Oversharing Problem
Cybersecurity startup Knostic, a finalists in this year’s Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses…
Protect Data Differently for a Different World
Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric…
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called…
How Regional Regulations Shape Global Cybersecurity Culture
Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements…
Researchers Uncover Flaws in Windows Smart App Control and SmartScreen
Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to…