Security Bulletin

26 Aug 2024
Security review
Hacker USDoD sheds light on identity
Widely known threat actor USDoD, also known as EquationCorp, has revealed himself to be Luan G from Brazil after being "doxed" by cybersecurity firm CrowdStrike.

26 Aug 2024
Security review
AppDomain Manager Injection exploited for Cobalt Strike beacon delivery
Attackers distributed a ZIP file with a malicious Microsoft Script Component file, which when opened facilitated code execution via the GrimSource attack technique involving the utilization of an apds.dll cross-site scripting flaw to enable malicious...

26 Aug 2024
Security review
Outages at Port of Seattle, Sea-Tac Airport attributed to cyberattack
Thousands of travelers have been impacted by internet outages at the Port of Seattle and the Seattle-Tacoma International Airport on Saturday, which were confirmed to be due to a cyberattack.

26 Aug 2024
Security review
Ransomware payment disclosed by American Radio Relay League
Such payment was provided not only to prevent exposure of the stolen data but also to secure decryption tool access for compromised systems.

26 Aug 2024
Security review
The future of cybersecurity: Insights from Theresa Payton, former White House CIO
Theresa Payton, CEO of Fortalice Solutions, LLC, and former White House CIO, explores the future of cybersecurity.

26 Aug 2024
Security review
Advanced stealth of new sedexp malware for Linux detailed
With the ability to deploy a remote shell allowing remote access to infected devices and memory modification, sedexp has been used by threat actors to facilitate the obfuscation of modified Apache configuration files, web shells, and the udev rule.

26 Aug 2024
Security review
Novel PEAKLIGHT malware dropper distributed via pirated movies
Attacks commenced with the download of malicious ZIP files purporting to be pirated movies that contain an LNK file, which links with a memory-only JavaScript dropper-hosting content delivery network to execute PEAKLIGHT, according to an analysis...

26 Aug 2024
Security review
APT42-linked WhatsApp accounts aimed at US elections disrupted
Attacks involved the utilization of accounts spoofing Microsoft, Google, Yahoo, and AOL IT support to target other WhatsApp accounts belonging to individuals in the U.S., Iran, Israel, Palestine, and the UK, according to Meta researchers.

26 Aug 2024
Security review
News Desk 2024: Hacking Microsoft Copilot Is Scary Easy
As enterprises around the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.

26 Aug 2024
Security review
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-7971, Google Chromium V8 Type Confusion Vulnerability. These types of vulnerabilities are frequent attack vectors...

26 Aug 2024
Security review
Why the 80-20 rule no longer works for cybersecurity
The promise of AI is that it will let security teams run continuous monitoring on 100% of the company’s assets, so the 80-20 rule no longer applies.

26 Aug 2024
Security review
From Highly Obfuscated Batch File to XWorm and Redline, (Mon, Aug 26th)
If you follow my diaries, you probably already know that one of my favorite topics around malware is obfuscation. I'm often impressed by the crazy techniques attackers use to make reverse engineers' lives more difficult. Last week...