Security News

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
2024-12-10 09:12

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense...

Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
2024-12-04 04:48

Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "The ongoing...

Hackers abuse Avast anti-rootkit driver to disable defenses
2024-11-23 15:07

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. [...]

Prompt Injection Defenses Against LLM Cyberattacks
2024-11-07 16:13

Interesting research: “Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks“: Large language models (LLMs) are increasingly being harnessed to automate...

Infostealer malware bypasses Chrome’s new cookie-theft defenses
2024-09-24 17:31

Infostealer malware developers released updates claiming to bypass Google Chrome's recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. [...]

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
2024-09-17 12:22

Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum...

Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense
2024-09-12 04:00

In this Help Net Security, Erica Banks, VP and a leader in Booz Allen’s civilian services business, discusses the Federal Cybersecurity Strategy’s role in safeguarding national assets. Banks...

New Tickler malware used to backdoor US govt, defense orgs
2024-08-28 18:36

The APT33 Iranian hacking group has used new Tickler malware to backdoor the networks of organizations in the government, defense, satellite, oil and gas sectors in the United States and the...

New Tickler malware used to backdoor US govt, defense orgs
2024-08-28 18:36

The APT33 Iranian hacking group has used new Tickler malware to backdoor the networks of organizations in the government, defense, satellite, oil and gas sectors in the United States and the...

UK plans to revamp national cyber defense tools are already in motion
2024-08-02 10:34

The UK's National Cyber Security Centre says it's in the planning stages of bringing a new suite of services to its existing Active Cyber Defence program. Existing services under ACD 1.0 such as Logging Made Easy and Protective DNS are already run by external partners - CISA and Cloudflare respectively - but some, such as Early Warning, can only ever be run by the NCSC due to their very nature.