-
"New Cryptographic Protocol Aims to Bolster Open-Source Software Security"
BastionZero's OpenPubkey is a new cryptographic protocol designed to strengthen the open-source software (OSS) ecosystem. It is now a Linux Foundation open-source project. Additionally, Docker is integrating OpenPubkey for container signing.
-
"Staying Safe Online"
The US Department of Homeland Security (DHS) Science and Technology Directorate (S&T) aims to ensure the nation's cybersecurity in several ways, including through collaborative efforts to support and advance the mission of the Cybersecurity and Inf
-
"Microsoft: Human-Operated Ransomware Attacks Tripled Over Past Year"
According to Microsoft researchers, human-operated ransomware attacks have increased by more than 200 percent since September 2022, signaling a shift in the cybercrime underground.
-
"Fiserv Attack Exposes 837K Flagstar Bank Clients"
Cl0p, the Russia-linked ransomware group, added another US-based company to its MOVEit Transfer attack victims list.
-
"China-Linked Cyberspies Backdoor Semiconductor Firms With Cobalt Strike"
Hackers engaged in cyber espionage have used Taiwan Semiconductor Manufacturing Company (TSMC)-themed lures to infect Chinese-speaking semiconductor companies with Cobalt Strike beacons.
-
"North Korea's Lazarus Group Launders $900 Million in Cryptocurrency"
$7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the theft of about $900 million between July 2022 and July 2023 attributed to the North Korea-linked Lazarus Group.
-
"Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA"
The US cybersecurity agency CISA and the NSA have recently issued new guidance on addressing the most common cybersecurity misconfigurations in large organizations.
-
"Group-IB: 'GoldDigger' Banking Trojan Targets Vietnamese Organizations"
In August, Group-IB found GoldDigger, an Android Trojan, targeting over 50 financial organizations in Vietnam.
-
"The Root Cause of Open-Source Risk"
2023 saw double the total of software supply chain attacks that occurred in 2019-2022. In 2023, Sonatype logged 245,032 malicious packages. One out of every eight open-source downloads now contains known and avoidable risks.
-
"Casino Giant MGM Expects $100 Million Hit From Hack That Led to Data Breach"
MGM Resorts International recently announced that a cyberattack that disrupted its operations last month would cause a $100 million hit to its third-quarter results as it works to restore its systems.
-
"New Tool Helps Mobile App Developers Create More Accurate iOS Privacy Labels"
Researchers at Carnegie Mellon University's (CMU) CyLab Security and Privacy Institute have been working on privacy nutrition labels for over a decade to easily show technology users how their data is being collected and used.
-
"Global CRM Provider Exposed Millions of Clients' Files Online"
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database containing over three million records and reported it to vpnMentor.