Security Bulletin

The more we use the cloud, the more maintaining browser security becomes crucial.

Within 25 minutes of having received his Mac workstation, the North Korean operative — who used VPN to conceal the location of the IT mule farm where the workstation was sent — leveraged Raspberry Pi to facilitate malware downloads, session history...

Intrusions conducted by PatchWork commenced with the distribution of a malicious LNK file enabling the download of a fraudulent PDF to conceal compromise with Brute Ratel C4 and PGoShell malware.

Information exposed by the misconfigured ClickBalance database included API keys, access tokens, secret keys, tax identification numbers, and bank account numbers, as well as more than 381,000 email addresses.

Included in the leaked database were BreachForums 1.0 members' user IDs, login names, email addresses, registration IP addresses, and last used IP addresses.

Such exposed information may have been exfiltrated from a compromised Diligent Corp. system leveraged by Leidos for internal investigation data hosting, noted a source close to the matter.

With the impacted site potentially still being cached, users have been urged by dYdX to ensure that their browsers are restarted and caches cleared before visiting the website.

Attackers leveraged phishing emails with a malicious Word attachment having the same text as Microsoft's support bulletin regarding its Recovery Tool for outage-hit devices that contains macros, which when enabled facilitates the download of a DLL...

We can keep data secure, but we have to overcome perception and cultural issues and develop standards and more effective tools.

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q2...

NoName057(16) functions as a hacktivist crew primarily carrying out politically motivated DDoS attacks.

After years of delays, Google ditched its plan to kill cookies, instead opting to let users make an “informed choice.”