Security News > 2024 > March

The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The...

TL;DR: Secure systems require experts who are up to date on the latest threats, and the Complete 2024 CompTIA Cyber Security Certification Training Bundle gives IT experts and regular users alike the tools they need to protect their networks for less than $40. As a regular internet user, you've probably already been targeted by malware, hackers or some other bad actor on the web. The Complete 2024 CompTIA Cyber Security Certification Training Bundle isn't just a way for aspiring admins to boost their resumes.

The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT. The attacks, which take the...

The Mobile Security Framework is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy evaluation.

Traditionally, medical devices have replacement schedules based on mean times for component failures, and not on cybersecurity concerns. Securing networked medical devices requires a complex strategy of mitigation efforts, starting with installing endpoint protection agents on devices that support it.

A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users...

With breach recovery costs skyrocketing, speeding time to recovery to minimize downtime and losses should be top of mind for security leaders. Most focus on adding more prevention and detection tools.

Fortinet has alerted users to a severe vulnerability in FortiClientEMS, enabling potential attacker-driven code execution.This SQL Injection flaw, identified as CVE-2023-48788 with a 9.3 CVSS score, affects FortiClientEMS versions 7.2.0 to 7.2.2 and 7.0.1 to 7.0.10; users should upgrade to safer versions. Credits for the discovery go to Thiago Santana and the U.K.'s NCSC.

69% consider this data storage essential to their corporate cybersecurity, and only 12% of those who deployed immutable data storage say it is not essential. This is followed by France at 96%, Germany at 94% and the UK at 85%. While a relatively low number of IT leaders worldwide who currently use immutable data storage do not regard it as "Essential" to their cybersecurity strategy, a larger percentage resides in the UK: 24% of UK respondents have deployed it but say it is not essential to their cybersecurity, compared to 11% in France, 9% in the US and 6% in Germany.

The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act - a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban. The bill names only TikTok as a "Foreign adversary controlled application" and prohibits "Providing services to distribute, maintain, or update" the app - including by offering it for sale in an app store.