According to security researchers at Censys, the recently uncovered cyberespionage campaign named ArcaneDoor, which involves hacked Cisco firewalls, may be the work of a Chinese threat actor.

The modular Trojan "Zloader," also known as "Terdot," "DELoader," or "Silent Night," is based on leaked Zeus source code.

Researchers at the cybersecurity scanning company Bitsight found that the US Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog benefits organizations inside and outside the federal g

According to Valence Security's "2024 State of SaaS Security Report," 58 percent of organizations have had a Software-as-a-Service (SaaS) security incident in the last 18 months.

According to security researchers at Dynatrace, three-quarters (72%) of global CISOs have experienced an application security incident in the past two years, causing lost revenue and market share.

Selections by dgoff

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) call on software companies to review for and fix path traversal security vulnerabilities before shipping.

Law enforcement recently shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily.

The National Security Agency (NSA), together with the Federal Bureau of Investigation (FBI) and the US Department of State, released a Cybersecurity Advisory (CSA) titled "North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphis

Microsoft researchers found a vulnerability pattern dubbed "Dirty Stream" in popular Android apps, putting billions of users at risk.

A new botnet called "Goldoon" targets D-Link routers by exploiting a nearly decade-old critical security flaw to launch more attacks.

There has been a rise in the use of native Microsoft services by nation-state espionage actors for their Command-and-Control (C2) needs.