What is DevSecOps and Why is it Essential for Secure Software Delivery?
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the...
News
NiceRAT Malware Targets South Korean Users via Cracked Software
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which...
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake...
UK General Election: Tech Policy Expert Calls for Law Overhaul to Combat Deepfakes
Three weeks before the UK general election, Matthew Feeney, head of tech and innovation at the UK-based Centre for Policy...
Microsoft Admits Security Failings Allowed China to Access US Government Emails
Microsoft President Brad Smith had admitted security failings by the firm in enabling Chinese state hackers access the emails of...
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a...
Meta Pauses AI Training on EU User Data Amid Privacy Concerns
Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared...
Cybersecurity CPEs: Unraveling the What, Why & How
Staying Sharp: Cybersecurity CPEs Explained Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats....
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its...
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity...
High-Severity Vulnerability in Windows Wi-Fi Driver
Microsoft has released security updates in their June 2024 Patch Tuesday, including one to address a high-severity vulnerability (CVE-2024-30078) affecting...
Meta Halts AI Training on EU User Data Amid Privacy Concerns
Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared...
ZKTeco Biometric System Found Vulnerable to 24 Critical Security Flaws
An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could...
Learn to Secure Petabyte-Scale Data in a Webinar with Industry Titans
Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so...
Why Regulated Industries are Turning to Military-Grade Cyber Defenses
As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive...
Google’s Privacy Sandbox Accused of User Tracking by Austrian Non-Profit
Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble...
Unpacking 2024’s SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best...
North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics
Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as...
Microsoft Delays AI-Powered Recall Feature for Copilot+ PCs Amid Security Concerns
Microsoft on Thursday revealed that it's delaying the rollout of the controversial artificial intelligence (AI)-powered Recall feature for Copilot+ PCs....
New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models
The security risks posed by the Pickle format have once again come to the fore with the discovery of a...
Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware
The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps...
Chinese FortiGate Espionage Campaign Snares 20,000+ Victims
A sophisticated Chinese espionage campaign targeting Fortinet edge devices was far more extensive than previously thought, resulting in the compromise...
Chinese Hackers Leveraging ‘Noodle RAT’ Backdoor
A backdoor in Executable and Linkable Format (ELF) files used by Chinese hackers has wrongly been identified as a variant...
Microsoft Patches One Critical and One Zero-Day Vulnerability
System administrators have had a relatively quiet June Patch Tuesday after Microsoft revealed updates for just 51 vulnerabilities, only one...
