Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Hand
Stealthy firmware bootkit leveraged by APT in targeted attacks

Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …

criminal
77% of rootkits are used for espionage purposes

In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …

airport security
Smartphone counterespionage for travelers

If you’re traveling abroad on business, there’s a good chance you’ll need to bring along a smartphone to get around, meet up with associates or learn about the idiosyncrasies …

CVE-2021-40444 exploitation
CVE-2021-40444 exploitation: Researchers find connections to previous attacks

The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been …

match
Belgium’s Interior Ministry uncovers 2-year-long compromise of its network

Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.” …

compliance
What contractors should start to consider with the DoD’s CMMC compliance standards

Q1 2021 has been a tumultuous period in our era of cyber espionage. The Center For Strategic & International Studies (CSIS), which has been tracking “significant cyber …

keyboard
Digital dependence and innovation: Two critical trends in cyber espionage and crime

Being a veteran cybersecurity incident responder with over 21 years of field experience I know I will always have a job and it will always be interesting. In the evolution of …

SolarWinds
SolarWinds hack investigation reveals new Sunspot malware

Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. …

video call
Top videoconferencing attacks and security best practices

Videoconferencing has become a routine part of everyday life for remote workers, students, and families. Yet widespread adoption of this technology has also attracted …

hand
SolarWinds hackers’ capabilities include bypassing MFA

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. …

FBI
US charges Sandworm hackers who mounted NotPetya, other high-profile attacks

The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an …

bomb
The biggest cyber threats organizations deal with today

Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect …

Don't miss

Cybersecurity news