Please turn on your JavaScript for this page to function normally.
YubiKey 5Ci
Vulnerability allows Yubico security keys to be cloned

Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the …

digital wallet
Stolen, locked payment cards can be used with digital wallet apps

Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims report the card stolen and the bank replaces it, …

Microsoft Windows
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days

A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A …

developer
Innovative approach promises faster bug fixes

Modern software applications usually consist of numerous files and several million lines of code. Due to the sheer quantity, finding and correcting faults, known as debugging, …

SnailLoad
New security loophole allows spying on internet users’ online activity

Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. …

Cisco Webex
Vulnerability in Cisco Webex cloud service exposed government authorities, companies

The vulnerability that allowed a German journalist to discover links to video conference meetings held by Bundeswehr (the German armed forces) and the Social Democratic Party …

smartphone
Apps secretly turning devices into proxy network nodes removed from Google Play

Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and …

ransomware
RaaS groups increasing efforts to recruit affiliates

Smaller RaaS groups are trying to recruit new and “displaced” LockBit and Alphv/BlackCat affiliates by foregoing deposits and paid subscriptions, offering better …

malware
The most prevalent malware behaviors and techniques

An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, …

industry
Web-based PLC malware: A new potential threat to critical infrastructure

A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced …

ransomware
What makes ransomware victims less likely to pay up?

There’s a good reason why ransomware gangs started exfiltrating victims’ data instead of just encrypting it: those organizations pay more. University of Twente …

CloudFoxable
CloudFoxable: Open-source AWS penetration testing playground

CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to …

Don't miss

Cybersecurity news