Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the…
The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
Google TAG report reveals that “hack for hire” firms are tapping into the coronavirus pandemic via WHO phishing lures.
Watchdog group said company has violated the Illinois BIPA and ‘will end privacy as we know it’ without intervention.
The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
The lawsuit, filed against Google by Arizona’s Attorney General, alleges that the tech giant uses “deceptive and unfair conduct” to obtain users’ location data.
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.
The latest campaign spread malware via pirate gaming portals.