Security Bulletin

Widely known threat actor USDoD, also known as EquationCorp, has revealed himself to be Luan G from Brazil after being "doxed" by cybersecurity firm CrowdStrike.

Attackers distributed a ZIP file with a malicious Microsoft Script Component file, which when opened facilitated code execution via the GrimSource attack technique involving the utilization of an apds.dll cross-site scripting flaw to enable malicious...

Thousands of travelers have been impacted by internet outages at the Port of Seattle and the Seattle-Tacoma International Airport on Saturday, which were confirmed to be due to a cyberattack.

Such payment was provided not only to prevent exposure of the stolen data but also to secure decryption tool access for compromised systems.

Theresa Payton, CEO of Fortalice Solutions, LLC, and former White House CIO, explores the future of cybersecurity.

With the ability to deploy a remote shell allowing remote access to infected devices and memory modification, sedexp has been used by threat actors to facilitate the obfuscation of modified Apache configuration files, web shells, and the udev rule.

Attacks commenced with the download of malicious ZIP files purporting to be pirated movies that contain an LNK file, which links with a memory-only JavaScript dropper-hosting content delivery network to execute PEAKLIGHT, according to an analysis...

Attacks involved the utilization of accounts spoofing Microsoft, Google, Yahoo, and AOL IT support to target other WhatsApp accounts belonging to individuals in the U.S., Iran, Israel, Palestine, and the UK, according to Meta researchers.

As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.

The promise of AI is that it will let security teams run continuous monitoring on 100% of the company’s assets, so the 80-20 rule no longer applies.

The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.

The malware-as-a-service is based on Atomic Stealer, charges half the price and imitates legitimate software.