In early September 2021, Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444).
(CNN) US officials warned that a wave of debilitating cyberattacks could accompany Russia’s war on Ukraine. So far they haven’t materialized, and US and Ukrainian officials are contemplating why as they prepare for the next phase of the war.
The indictments of four Russian nationals were unsealed by the Justice Department on Thursday, revealing a widespread hacking campaign against energy companies around the world.
ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine. ESET researchers discovered a still-ongoing campaign using a previously undocumented Korplug va
Unoriginal-Rice-Patty: “Can you believe that a low-quality garage door has better security than a Honda?” “Unoriginal-Rice-Patty” is my personal title for the Replay-based attack on Honda and Acura vehicles. “Honda” in Japanese translates to “Original Rice Patty”.
The Lapsus$ Group threat actor has grown in just a few months from launching a handful of destructive attacks to stealing and publishing source code of multiple top-tier technology companies.
A hacking group calling itself Lapsus$ recently made waves by releasing source code it claimed to have stolen from Microsoft and Okta. Now, cybersecurity researchers investigating the attacks have traced them to a 16-year-old living with his mother near Oxford, England, according to Bloomberg.
Emotet has consistently employed financial themes in its phishing emails, and attackers have previously exploited the arrival of the U.S. tax season to construct emails targeting users who need to file tax returns. The 2022 tax season is no different.
A few days ago, Snyk reported on a new type of threat vector in the open source community: protestware. The advisory was about a transitive vulnerability — peacenotwar — in node-ipc that impacted the supply chain of a great deal of developers.
For cybersecurity pundits, it has become a doctrine that cyberdisruption, whether perpetrated directly or via proxy groups, can be expected to accompany military, political, and economic action as a way of softening up targets or of strategically applying pressure via subterfuge.
For the last 4 years, I’ve been providing API-level access to national government agencies so that they can search and monitor their government domains on Have I Been Pwned.
Okta, a leading provider of authentication services and identity and access management (IAM) solutions, says it is investigating claims of a data breach. On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta’s customer data.
Initial Access Broker Landscape: Version 1 of the initial access broker (IAB) landscape project helps clarify the economy of selling accesses by visualizing information flows. The project is curated by Trevor Giffen and reviewed by the broader Curated Intelligence community.
This article explores a phishing technique that simulates a browser window within the browser to spoof a legitimate domain. For security professionals, the URL is usually the most trusted aspect of a domain.
The teardown video depicted a somewhat complicated but not insurmountable process for getting inside that little metal rectangle, and there weren’t too many surprises.
The pronunciation of GIF is one of the oldest and most aggressive internet debates. Some of these will never be settled, but luckily with the GIF debate there’s an actual answer.
Open source code is integral to tech stacks at many large companies, but its authors rarely get recognized — let alone compensated — for their work.
Google LLC revealed today that it’s working with the music streaming app Spotify Inc. to test out third-party billing options for app developers. The announcement comes in the wake of massive pressure on Google and its rival Apple Inc.
Even though we weren’t really impressed with the battery life of the iPhone SE (2022) in our review, Apple deserves credit for increasing the device’s battery capacity to 2,018 mAh, which is a substantial upgrade over the previous model’s 1,821 mAh capacity.
Seattle Pride will not allow Amazon to sponsor LGBTQ pride celebration events in 2022. The nonprofit, which organizes pride events in Seattle and does other advocacy work, released a statement Tuesday that it would “part ways” with Amazon.
Russia’s lost Krasukha-4 electronic warfare system command module would be a prize for foreign intelligence agencies. A curious ‘container’ that Ukrainian troops captured today looks to actually represent a significant Russian loss and a potential intelligence goldmine.
For more than one decade, Kurt Wimmer was this blog and this blogger’s First Amendment defender, representing me pro bono.
John Carpenter’s 1982 movie The Thing, about a group of scientists battling a shape-shifting alien, is a classic of sci-fi horror. Humor writer Tom Gerencer is one of the film’s many fans. TV writer Andrea Kail agrees that The Thing is one of Carpenter’s best films.
The so-called ‘streaming wars’, just like any fiercely competitive exercise, is never static. To gain an advantage, to stand out in an ever-thickening crowd, participants need to change tactics, employ different strategies, zig when an opponent zags or come up with something entirely novel.
Taylor Hawkins, the drummer for American rock outfit Foo Fighters, has died at the age of 50, according to a statement from the band. Hawkins, who previously served as the touring drummer for Alanis Morissette, joined Foo Fighters in 1997 after the departure of original drummer William Goldsmith.