You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius

Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company's attack surface and the "blast radius" of a potential attack.

Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks

The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.

Intel Memory Bug Poses Risk for Hundreds of Products

Dell and HP were among the first to release patches and fixes for the bug.

Novel Phishing Trick Uses Weird Links to Bypass Spam Filters

A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.

Actively Exploited Zero-Day Bug Patched by Microsoft

Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.

Ransomware Deals Deathblow to 157-year-old College

Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.

Hackers Actively Exploit F5 BIG-IP Bug

The bug has a severe rating of 9.8, public exploits are released.

Conti Ransomware Attack Spurs State of Emergency in Costa Rica

The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.

Low-rent RAT Worries Researchers

Researchers say a hacker is selling access to quality malware for chump change.

FBI: Rise in Business Email-based Attacks is a $43B Headache

A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.

Podcast: The State of the Secret Sprawl

In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe.

USB-based Wormable Malware Targets Windows Installer

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.

CANs Reinvent LANs for an All-Local World

A close look at a new type of network, known as a Cloud Area Network.

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

The vulnerability is 'critical' with a CVSS severity rating of 9.8 out of 10.

VHD Ransomware Linked to North Korea’s Lazarus Group

Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.

China-linked APT Caught Pilfering Treasure Trove of IP

A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.

Attackers Use Event Logs to Hide Fileless Malware

A sophisticated campaign utilizes a novel anti-detection method.

Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices.