BitPyLock threat actors are now exfiltrating data before the ransomware encryption begins
Project Zero goes public 90 days after disclosing the vulnerability to the affected organisation. Now, they have added a 14-day grace period on request
Why did Facebook close its encrypted Tor service when its TLS cert expired (it had good reason to), how did it let the certificate expire, & are you any better at having the visibility to maintain your TLS certs?
The first time you got your hands on powerful penetration testing tools, you must have thought 'just think what I could do with this'. And that's just what the criminals think too - and then they do it.
A well-resourced and successful threat actor - the Lazarus Group, widely believed to be the North Korean state - has developed fileless malware aimed at macOS for criminal purposes.
Common Weakness Enumeration list reveals the critical software errors that could impact enterprise security
Half of Oracle EBS customers have not patched critical payment system vulnerabilities in Oracle E-Business Suite - with a CVSS score of 9.9 out of 10, these these vulnderabilities are very high-risk indeed.
Security researchers find vulnerabilities in the supposedly impenetrable 'secure world' storage vault in Android phones that could allow access to payment credentials
A hardware vulnerability can have significant impact on software security as most software was designed around assumptions present in the hardware and subsequently compiled for a given hardware platform.
Survey says 39 percent of cybersecurity professionals identify cloud storage and file sharing apps as being the most vulnerable to insider attacks