Meet 200 amazing and inspiring people that are making the interconnected world a safer place. See who made the list.
Last month, we introduced the SimuLand project to help security researchers around the world deploy lab environments to reproduce well-known attack scenarios, actively test detections, and learn more about the underlying behavior and implementation of adversary techniques.
When hackers broke into computers across Israel's government and tech companies, investigators looked for clues to find out who was responsible. The first evidence pointed directly at Iran, Israel's most contentious geopolitical rival. The hackers deployed tools normally associated with Iranians, for example, and wrote in the Farsi language.
Someone claiming to work with one of the most notorious ransomware gangs says they're fed up with how extortion money is divvied up and has leaked a host of the gang's files on a hacker forum.
On January 14, Microsoft released a set of patches for the Windows platform. While all of the issues addressed in the patch release are serious, this article will discuss one of them: CVE-2020-0601. Above anything else, we urge everyone to take action and patch their systems. CVE-2020-0601 is a serious vulnerability, because it can be exploited to undermine Public Key Infrastructure (PKI) trust.
There have been reports of hackers exploiting a new Auth Bypass bug which affects millions of Arcadyan routers.
TIPS & GUIDANCE Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.
A disgruntled member of the Conti ransomware program has leaked today the manuals and technical guides used by the Conti gang to train affiliate members on how to access, move laterally, and escalate access inside a hacked company and then exfiltrate its data before encrypting files.
iMazing's spyware detection tool is available as a free feature in iMazing 2.14 and above. It can be used to detect signs of infection by NSO's Pegasus and has the potential to evolve to detect other threats. The methodology implemented closely mirrors that of the open-source Mobile Verification Kit by Amnesty International's Security Lab.
A cybersecurity incident is a terrible crisis for any organization. Even with the best preparation and retainers, incident response is rarely an inexpensive endeavor in terms of money, people, operational disruption, or time. Investigations and forensics require specific expertise, and typically involve concerted eradication and recovery efforts.