Five tips to help execute an employee training program
One of the best ways to reduce the risk of data breaches is employee training. This is particularly important during the fall “back to business” season when many …
New wave of targeted attacks focus on industrial organizations
Kaspersky Lab researchers discovered a new wave of targeted attacks against the industrial and engineering sectors in 30 countries around the world. Dubbed Operation Ghoul, …
Spammers modify sites’ core WordPress files for long-lasting compromise
In their quest to compromise WordPress installations and prevent site owners from discovering it and cleaning up the website, blackhat SEO spammers have turned to modifying …
Leaked hacking tools can be tied to NSA’s Equation Group
The batch of data released by the Shadow Brokers, an entity that claims to have hacked the Equation Group, contains attack tools that can be tied to the group. Equation Group …
Organizations still unprepared for malicious insiders
Organizations globally believe they are their own worst enemy when it comes to cybersecurity, with 45 percent saying they are ill-equipped to cope with the threat of malicious …
The inner workings of the Cerber ransomware campaign
Check Point’s research team has analysed the inner workings of Cerber, the world’s biggest ransomware-as-a-service scheme. Cerber execution flow Cerber is a ransomware …
Bug in Rockwell’s PLCs allows attackers to modify firmware
There is an undocumented SNMP community string in Rockwell Automation’s MicroLogix 1400 programmable logic controllers that can be exploited by attackers to remotely …
Subverting protection into DDoS attacks
On average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service …
Shark Ransomware-as-a-Service: A real threat, a scam, or both?
A new Ransomware-as-a-Service project has sprung up, and the “service providers” are allowing others to use it for free, but take a 20 percent cut out of every …
Proxy authentication flaw can be exploited to crack HTTPS protection
Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Google Duo: Simple, encrypted, video calling app
Google Duo is a simple 1-to-1 video calling app available for Android and iOS. In order to use Google Duo all you need is your phone number, no separate account is necessary. …
Featured news
Resources
Don't miss
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware
- Are we securing AI like the rest of the cloud?
- How exposure-enriched SOC data can cut cyberattacks in half by 2028
- Europe’s AI strategy: Smart caution or missed opportunity?