December 2020 Patch Tuesday forecast: Always consider the risk
The final Patch Tuesday of the year is upon us and what a year it has been. Forcing many changes this year, the pandemic has impacted the way we conduct both security and IT …
25 vulnerabilities exploited by Chinese state-sponsored hackers
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or …
NSA warns about Sandworm APT exploiting Exim flaw
The Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019, the NSA has warned in a security …
Web shell malware continues to evade many security tools
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals …
Photos: RSA Conference 2020, part 3
RSA Conference 2020 is underway at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos from …
Speakers announced for CSA Summit at RSA Conference 2020
The Cloud Security Alliance (CSA) announced its headlining speakers for the 11th annual CSA Summit at RSA Conference 2020 (Feb. 24, San Francisco). Phil Venables, Board …
NSA unveils Ghidra reverse engineering tool at RSA Conference 2019
The National Security Agency (NSA) has released Ghidra, a free and cross-platform software reverse engineering tool suite used internally by the intelligence agency. They are …
Three things to know about the dark web
One of the more curious aspects about the dark web is that it didn’t start out as such a dark place: it began with bulletin boards in the 80s and 90s – the markets of …
US Cyber Command gets unified military command status
Last week, US President Donald Trump announced that the United States Cyber Command, which is currently a division of the NSA, will be elevated to the status of a Unified …
WannaCry: Who’s behind it? Who’s to blame?
As the amount of money in the three bitcoin addresses associated with the WannaCry attack slowly continues to rise, the question of who is behind the ransomware is still …
Microsoft to governments: Stop hoarding vulnerabilities
Microsoft is full of surprises lately: first they issued patches for unsupported versions of Windows, then they publicly criticized the NSA for hoarding knowledge about …
US intelligence chiefs don’t trust Kaspersky Lab software
The big question in Thursday’s intelligence hearing on worldwide threats before the US Senate Intelligence Committee was whether the Russian government interfered with …
Featured news
Resources
Don't miss
- Initial access broker pleads guilty to selling access to 50 corporate networks
- Confusion and fear send people to Reddit for cybersecurity advice
- Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers
- Fake browser crash alerts turn Chrome extension into enterprise backdoor
- Law enforcement tracks ransomware group blamed for massive financial losses