Security News

Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to...

A new cybercrime marketplace, OLVX, has emerged and is quickly gaining new customers looking to purchase tools to conduct online fraud and cyberattacks. OLVX follows a recent trend where cybercrime marketplaces are increasingly hosted on the clearnet instead of the dark web, making them more accessible to a broader range of users and possible to promote through search engine optimization.

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. "In December 2023, we delivered an updated fix after identifying new exploit attempts against this same vulnerability in older, unsupported versions of the Sophos Firewall," the company shared on Monday by updating of the original security advisory.

Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors...

Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database. Infosec researcher Jeremiah Fowler found 948,029 records exposed online including donor names, addresses, phone numbers, emails, payment methods, and more.

Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's #Kyivstar telecoms...

How are organizations performing across cybersecurity controls in the Minimum Viable Secure Product framework? A recent analysis by Bitsight and Google reveals some good and some bad results - and room for improvement. The study analyzed the cybersecurity performance of nearly 100,000 organizations around the world across nine industries.

Sponsored Feature Most experts agree cybersecurity is now so complex that managing it has become a security problem in itself. Growing complexity, skills shortages, and rising costs have resulted in huge growth in the managed security service provider sector over the last decade.

Cybercrime gangs like the notorious Lazarus group and spyware vendors like Israel's NSO should be considered cyber mercenaries - and become the subject of a concerted international response - according to a Monday report from Delhi-based think tank Observer Research Foundation. Author Fitri Bintang Timur argued the term mercenary applies because, as amendments to the Geneva Convention put it, mercenaries are "An entity having the motivation to gain financial or material compensation in return for their willingness to fight for the recruiter's country."

Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are...