News
-
"CI Fuzz CLI: Open-Source Tool Simplifies Fuzz Testing for C++"Fuzz testing helps developers protect their applications from memory corruptions, crashes, and other security issues such as Denial-of-Service (DoS) and uncaught exceptions. CI Fuzz CLI, a new security tool from Code Intelligence, allows developers to…
-
"Ransomware Data Theft Tool May Show a Shift in Extortion Tactics"Exmatter, a data exfiltration malware previously associated with the BlackMatter ransomware group, is now being upgraded with data corruption functionality, which may indicate a new tactic that ransomware affiliates may employ in the future. The new…
-
"Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor"A China-aligned Advanced Persistent Threat (APT) actor known as TA413 used recently disclosed flaws in Sophos Firewall and Microsoft Office to launch a new backdoor named LOWZERO as part of an espionage campaign targeting Tibetan entities. LOWZERO can…
-
"Exploring Transparency in Online Advertising"Targeted online advertising is now commonplace, with search engines and online social networks employing sophisticated targeting technologies to deliver sales pitches to specific end-users. However, while these technologies can help users see more…
-
"Ransomware Attacks on TargetCompany Compromised Microsoft SQL Servers"Security experts warn that FARGO ransomware is being used in a new wave of attacks against vulnerable Microsoft SQL servers. MS-SQL servers are database management systems that store data for online services and applications. During similar attacks in…
-
"Researcher Aims to Boost Rural Access to 5G, Harden Wireless Network Security and Help Conceive 6G"A map of nationwide 5G coverage from any mobile service provider reveals that rural areas do not have 5G service. The National Science Foundation (NSF) has awarded a three-year, $1 million grant to a University of Kansas researcher to improve the design…
-
"Brown Mathematicians' Algorithm to Serve as Cryptography Standard for Quantum Computing Era"The National Institute of Standards and Technology (NIST) has chosen four cryptography algorithms to serve as public key security standards in the upcoming era of quantum computers, which will render current encryption systems obsolete. Three of the four…
-
"New Metador APT Discovered Targeting ISPs, Telcos"Researchers have discovered a previously unknown, high-level attack group that has compromised telecommunications companies, universities, Internet Service Providers (ISPs), and other organizations throughout the Middle East and Africa by utilizing…
-
"90% Of Orgs Have Software Security Checkpoints in Their Software Development Lifecycle (SDLC)"According to the new Synopsys Building Security In Maturity Model (BSIMM) report, 90 percent of the member organizations surveyed have established software security checkpoints in their Software Development Lifecycle (SDLC), indicating that this is an…
-
"New Firmware Vulnerabilities Affecting Millions of Devices Allow Persistent Access"Security researchers at Binarly have discovered another round of potentially serious firmware vulnerabilities that could allow attackers to gain persistent access to millions of affected devices. The researchers identified seven new security holes…
-
"DOD's Digital Threats Are Increasingly Interconnecting, Watchdog Warns"According to a new Government Accountability Office (GAO) study, the digital information environment, continued spread of misinformation, and the growth of cyber threats across virtual networks are causing a new wave of significant national security…
-
"BIND Updates Patch High-Severity Vulnerabilities"The Internet Systems Consortium (ISC) recently announced the availability of patches for six vulnerabilities in the widely deployed BIND DNS software. Of the resolved security flaws, four have a severity rating of "high." All four flaws with a high…