Security News > 2024 > March

The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion,...

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN services configured on Cisco Secure Firewall devices. The company says that the attacks have also been targeting other remote access VPN services and appear to be part of reconnaissance activity.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries and drivers, as they can affect multiple products and effectively offer more possibilities for attack. Another interesting conclusion from Google's recent rundown of the 97 zero-days exploited in-the-wild in 2023 is that there's a notable increase in targeting enterprise-specific technologies.

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2...

A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit...

Gain a deeper understanding of the difference between classing pen testing and PTaaS, explore the true costs of legacy pen testing, and gain insights into the many benefits of adopting PTaaS. How do classic penetration tests work? A hybrid alternative to traditional pen testing, PTaaS is a cloud-native, semi-automated service that delivers on-demand pen testing.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?" The continuous evolution...