A previously undocumented Android malware named ‘LightSpy’ has been discovered targeting Russian users, posing on phones as an Alipay app or a system service to evade detection. […]
Countdown is on: Last chance for discount registration at Mandiant’s mWISE 2024
There is only a few days left to get $300 off the standard conference price at mWISE. Learn more from mWise 2024 about how to get the discount and the upcoming cybersecurity sessions. […]
AI in the Enterprise: Cutting Through the Hype and Assessing Real Risks
The introduction of AI can bring benefits to the enterprise while not introducing additional risk that is beyond acceptable levels.
The post AI in the Enterprise: Cutting Through the Hype and Assessing Real Risks appeared first on SecurityWeek.
Researchers Uncover Flaws in Windows Smart App Control and SmartScreen
Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings.
Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run
Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run
Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning
Chinese group StormBamboo spotted delivering Windows and macOS malware by compromising an ISP and using DNS poisoning.
The post Chinese Hackers Deliver Malware via ISP-Level DNS Poisoning appeared first on SecurityWeek.
Former NSA Director Paul Nakasone Joins Ballistic Ventures as Strategic Advisor
Nakasone will assess the firm’s investments and offer strategic support to portfolio companies in the fight against adversarial advances in the cyber domain.
The post Former NSA Director Paul Nakasone Joins Ballistic Ventures as Strategic Advisor appeared first on SecurityWeek.
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master).
“The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data,” cybersecurity vendor BI.ZONE said in a new analysis.
The cyber attacks employ
“The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data,” cybersecurity vendor BI.ZONE said in a new analysis.
The cyber attacks employ
New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous
A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous.
The post New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous appeared first on SecurityWeek.
The Loper Bright Decision: How it Impacts Cybersecurity Law
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law.
Background
What is
Background
What is
Apache OFBiz Users Warned of New and Exploited Vulnerabilities
Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed.
The post Apache OFBiz Users Warned of New and Exploited Vulnerabilities appeared first on SecurityWeek.