The malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile […]
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such […]
Runtime Ventures Launches New Fund for Seed, Pre-Seed Startups
Co-founders Michael Sutton and David Endler raised $32 million to invest in early stage cybersecurity startups as well as to provide mentoring support. ​The original […]
Legacy Stripe API Exploited: Why PCI DSS Requirement 6.4.3 is Critical for Payment Security
The digital payment ecosystem is under constant attack, and a recent campaign exploiting a legacy Stripe API has brought a new level of urgency to securing payment […]
_Anthony_Brown_Alamy.jpg)
Emerging Risks Require IT/OT Collaboration to Secure Physical Systems
With an increase in cyber-physical attacks that can cause significant disruptions, financial fallout and safety concerns for victim organizations, Renee Guttmann and Marc Sachs discuss […]
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced “QuickShell” silent RCE attack chain against Windows users. ​The original article found […]
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving […]
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector […]
_Hanna_Kuprevich_Alamy.jpg)
Social Engineering Just Got Smarter
Polices that forbid employees from divulging company details are worthless if the same information can be obtained from sources employees have no control over. ​The […]
New PCI DSS Rules Say Merchants on Hook for Compliance, Not Providers
Merchants and retailers will now face penalties for not being compliant with PCI DSS 4.0.1, and the increased security standards make it clear they cannot […]