October | Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes | | Palo Alto Unity42 |
October | Check Point Research Prevents Theft of Crypto Wallets on OpenSea, the World’s Largest NFT Marketplace | | Checkpoint |
October | Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF | | Cisco Talos |
October | Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution | | Cisco Talos |
October | Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities | | Cisco Talos |
October | Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows | | Cisco Talos |
October | Virus Bulletin: Old malware never dies – it just gets more targeted | | Eset |
October | Employee offboarding: Why companies must close a crucial gap in their security strategy | | Eset |
October | Don’t get phished! How to be the one that got away | | Eset |
October | Microsoft thwarts record‑breaking DDoS attack | | Eset |
October | Ransomware cost US companies almost $21 billion in downtime in 2020 | | Mcafee blog |
October | SilverTerrier – Nigerian Business Email Compromise | | Palo Alto Unity42 |
October | Wireshark Tutorial: Wireshark Workshop Videos Now Available | | Palo Alto Unity42 |
October | Credential Harvesting at Scale Without Malware | | Palo Alto Unity42 |
October | Network Security Trends: May-July 2021 | | Palo Alto Unity42 |
October | Dangling Domains: Security Threats, Detection and Prevalence | | Palo Alto Unity42 |
October | Phishing Eager Travelers | | Palo Alto Unity42 |
October | Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances | | Palo Alto Unity42 |
October | PixStealer: a new wave of Android banking Trojans abusing Accessibility Services | | Checkpoint |
October | Fuzzing Closed-Source JavaScript Engines with Coverage Feedback | | Project Zero |
October | Threat Advisory: Apache HTTP Server zero-day vulnerability opens door for attackers | | Cisco Talos |
October | Threat hunting in large datasets by clustering security events | | Cisco Talos |
October | A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus | | Cisco Talos |
October | Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router | | Cisco Talos |
October | Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs | | Cisco Talos |
October | TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines | | Cisco Talos |
October | Operation Layover: How we tracked an attack on the aviation industry to five years of compromise | | Cisco Talos |
October | Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities | | Cisco Talos |
October | Downtime on Talos Intelligence | | Cisco Talos |
October | Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF | | Cisco Talos |
October | Talos release protection against zero-day vulnerability (CVE-2021-40444) in Microsoft MSHTML | | Cisco Talos |
October | Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library | | Cisco Talos |
October | Translated: Talos' insights from the recently leaked Conti ransomware playbook | | Cisco Talos |
October | Attracting flies with Honey(gain): Adversarial abuse of proxyware | | Cisco Talos |
October | FontOnLake: Previously unknown malware family targeting Linux | | Eset |
October | Google to turn on 2FA by default for 150 million users, 2 million YouTubers | | Eset |
October | To the moon and hack: Fake SafeMoon app drops malware to spy on you | | Eset |
October | UEFI threats moving to the ESP: Introducing ESPecter bootkit | | Eset |
October | October is Cybersecurity Awareness Month! Why being cyber‑smart matters | | Eset |
October | Hackers could force locked iPhones to make contactless payments | | Eset |
October | ESET Threat Report T2 2021 | | Eset |
October | CISA and NSA release guidance for securing VPNs | | Eset |
October | Google releases emergency fix to plug zero‑day hole in Chrome | | Eset |
October | Bug in macOS Finder allows remote code execution | | Eset |
October | FamousSparrow: A suspicious hotel guest | | Eset |
October | Plugging the holes: How to prevent corporate data leaks in the cloud | | Eset |
October | European police dismantle cybercrime ring with ties to Italian Mafia | | Eset |
October | Numando: Count once, code twice | | Eset |
October | Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws | | Eset |
October | WhatsApp announces end‑to‑end encrypted backups | | Eset |
October | What is a cyberattack surface and how can you reduce it? | | Eset |
October | Beware of these 5 common scams you can encounter on Instagram | | Eset |
October | Victims duped out of US$1.8 million by BEC and romance scam ring | | Eset |
October | Howard University suffers cyberattack, suspends online classes in aftermath | | Eset |
October | ProtonMail forced to log user’s IP address after order from Swiss authorities | | Eset |
October | BladeHawk group: Android espionage against Kurdish ethnic group | | Eset |
September | Phishing Android Malware Targets Taxpayers in India | | Mcafee blog |
September | Threat Brief: CVE-2021-26084 | | Palo Alto Unity42 |
September | The Innocent Until Proven Guilty Learning Framework Helps Overcome Benign Append Attacks | | Palo Alto Unity42 |
September | DNS Rebinding Attack: How Malicious Websites Exploit Private Networks | | Palo Alto Unity42 |
September | New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305) | | Palo Alto Unity42 |
September | Now Patched Vulnerability in WhatsApp could have led to data exposure of users | | Checkpoint |
September | A parent’s guide to smartphone security | | Eset |
September | Twitter introduces new feature to automatically block abusive behavior | | Eset |
September | Flaw in the Quebec vaccine passport: analysis | | Eset |
September | Don’t use single‑factor authentication, warns CISA | | Eset |
September | Vaccine passports: Is your personal data in safe hands? | | Eset |
August | Worldwide Phishing Attacks Ramped Up At the Peak of Working From Home | | Palo Alto Unity42 |
August | Ransomware Groups to Watch: Emerging Threats | | Palo Alto Unity42 |
August | Discovering CAPTCHA Protected Phishing Campaigns | | Palo Alto Unity42 |
August | Beyond the pandemic: Why are data breach costs at an all‑time high? | | Eset |
August | Man impersonates Apple support, steals 620,000 photos from iCloud accounts | | Eset |
August | Microsoft Power Apps misconfiguration exposes millions of records | | Eset |
August | The SideWalk may be as dangerous as the CROSSWALK | | Eset |
August | The Rise of Deep Learning for Detection and Classification of Malware | | Mcafee blog |
August | Personal VPN and Its Evasions: Risk Factors and How to Maintain Network Visibility | | Palo Alto Unity42 |
August | Discovering CAPTCHA Protected Phishing Campaigns | | Palo Alto Unity42 |
August | Unit 42 Cloud Threat Report Update: Cloud Security Weakens as More Organizations Fail to Secure IAM | | Palo Alto Unity42 |
August | Indra — Hackers Behind Recent Attacks on Iran | | Checkpoint |
August | Understanding Network Access in Windows AppContainers | | Project Zero |
August | Malicious Campaign Targets Latin America: The seller, The operator and a curious link | | Cisco Talos |
August | Neurevt trojan takes aim at Mexican users | | Cisco Talos |
August | Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro | | Cisco Talos |
August | Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content | | Cisco Talos |
August | Vice Society Leverages PrintNightmare In Ransomware Attacks | | Cisco Talos |
August | Hackers swipe almost $100 million from major cryptocurrency exchange | | Eset |
August | Are you, the customer, the one paying the ransomware demand? | | Eset |
August | Health authorities in 40 countries targeted by COVID‑19 vaccine scammers | | Eset |
August | Nearly 2 million records from terrorist watchlist exposed online | | Eset |
August | Dumpster diving is a filthy business | | Eset |
August | XLSM Malware with MacroSheets | | Mcafee blog |
August | Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems? | | Mcafee blog |
August | New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices | | Palo Alto Unity42 |
August | Unit 42 Cloud Threat Report Update: Cloud Security Weakens as More Organizations Fail to Secure IAM | | Palo Alto Unity42 |
August | Microsoft Patched the Issue With Windows Containers That Enabled Siloscape | | Palo Alto Unity42 |
August | Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021 | | Palo Alto Unity42 |
August | Ransomware Families: 2021 Data to Supplement the Unit 42 Ransomware Threat Report | | Palo Alto Unity42 |
August | THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group | | Palo Alto Unity42 |
August | Do you like to read? I can take over your Kindle with an e-book | | Checkpoint |
August | Stealth is never enough, or Revealing Formbook successor’s C&C infrastructure | | Checkpoint |
August | Mid-Year Attack Trends Report Reveals A 29% Increase In Cyberattacks Against Organizations Globally | | Checkpoint |
August | Time-proven tricks in a new environment: the macOS evolution of Formbook | | Checkpoint |
August | Top prevalent malware with a thousand campaigns migrates to macOS | | Checkpoint |
August | Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT | | Cisco Talos |
August | Talos Incident Response quarterly threat report — The top malware families and TTPs used in Q2 2021 | | Cisco Talos |
August | Microsoft Patch Tuesday for August 2021 — Snort rules and prominent vulnerabilities | | Cisco Talos |
August | Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility | | Cisco Talos |
August | Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox | | Cisco Talos |
August | Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader | | Cisco Talos |
August | Threat Spotlight: Solarmarker | | Cisco Talos |
August | Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit PDF Reader | | Cisco Talos |
August | Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System | | Cisco Talos |
August | Examining threats to device security in the hybrid workplace | | Eset |
August | IISerpent: Malware‑driven SEO fraud as a service | | Eset |
August | Deepfakes – the bot made me do it | | Eset |
August | Ransomware runs rampant, so how can you combat this threat? | | Eset |
August | DEF CON 29: Satellite hacking 101 | | Eset |
August | IISpy: A complex server‑side backdoor with anti‑forensic features | | Eset |
August | Black Hat 2021: Lessons from a lawyer | | Eset |
August | Black Hat 2021: Wanted posters for ransomware slingers | | Eset |
August | IIStealer: A server‑side threat to e‑commerce transactions | | Eset |
August | Anatomy of native IIS malware | | Eset |
August | Is your personal information being abused? | | Eset |
August | Why cloud security is the key to unlocking value from hybrid working | | Eset |
August | Black Hat 2021 – non‑virtual edition | | Eset |
August | On course for a good hacking | | Eset |
August | Watch out for these scams targeting Amazon customers | | Eset |
August | Cybersecurity agencies reveal list of the most exploited vulnerabilities in the past 2 years | | Eset |
August | Tackling the insider threat to the new hybrid workplace | | Eset |
August | Most Twitter users haven’t enabled 2FA yet, report reveals | | Eset |
August | Booking your next holiday? Beware these Airbnb scams | | Eset |
August | Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS | | Eset |