The sophisticated botnet also has high persistence and is capable of delivering different types of malware in addition to launching DDoS attacks.
The Zoom video conferencing client for macOS does not take full advantage of the application hardening features the operating system offers.
Newly discovered Vollgar attack uses brute force to infect vulnerable Microsoft SQL servers at a high rate.
Security researchers have come across an attack where an USB dongle designed to surreptitiously behave like a keyboard was mailed to a company.
APT41 has compromised apps from Cisco, Citrix and Zoho worldwide at a time when many companies are less able to respond.
A zero trust model addresses many of the security concerns around supporting large numbers of remote workers.
The Load Value Injection attack can bypass security boundaries and mitigations put in place for other CPU vulnerabilities such as Spectre and Meltdown.
The homegrown solution takes advantage of the native capabilities that already exist on container orchestration platforms, built on open source tools.
Researchers reveal that a previously known Intel flaw is unpatchable and could allow attackers to compromise the cryptographic chain of trust.
New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.
Vulnerabilities in unvalidated peripheral firmware such as WiFi adapters, cameras, and network interface controllers give attackers control over systems.
Ransomware has matured and its threat level is now on par with APTs as attackers use better tools and learn from past mistakes.
A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack.
New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.
The three individuals arrested represent only a small portion of the Magecart web-skimming group, but the investigation is ongoing.
