Security News > 2024 > August

DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that sensitive information was exposed in a cyberattack detected last Wednesday. [...]

For just a few days, the mWise cybersecurity conference is rolling back registration pricing to the Early Bird rate. Hurry, sale ends Wednesday, September 4. Learn more from mWISE Conference on...

A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed...

Prompt injection, ASCII smuggling, and other swashbuckling attacks on the horizon Microsoft has fixed flaws in Copilot that allowed attackers to steal users' emails and other personal data by...

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various...

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent...

Sword or plowshare? That depends on whether you're an attacker or a defender Sponsored Feature Artificial intelligence: saviour for cyber defenders, or shiny new toy for online thieves? As with...

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East...

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials...