In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the exploit for Internet Explorer in the original blog post,…
KryptoCibule spreads via pirated software and game torrents.
The six malicious apps have been removed from Google Play, but could still threaten 200,000 installs.
Next week, Senior Analyst Dave Gruber of ESG will join cybersecurity company Cynet for a webinar to help companies better understand the promise and realities of emerging XDR technologies
Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices.
The RAT has been distributed in various campaigns over the past six months, targeting both European officials and Tibetan dissidents.
Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites.
Some underground forum users said they’re monetizing the information through the State Department’s anti-influence-campaign effort.
In a rare move, the encrypted messaging service is being used to send stolen payment-card data from websites back to cybercriminals.
While privacy advocates have warned against Ring’s partnerships with police, newly unearthed documents reveal FBI concerns about ‘new challenges’ smart doorbell footage could create for cops.