Cisco and Nvidia: Redefining Workload Security

By Jana Radhakrishnan — March 20^th 2024 at 12:00

There has been an exponential increase in breaches within enterprises despite the carefully constructed and controlled perimeters that exist around applications and data. Once an attacker can access… Read more on Cisco Blogs

The Hacker News

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

By Newsroom — February 8^th 2024 at 10:28

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"

The Hacker News

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

By Newsroom — October 27^th 2023 at 14:57

The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for

The Hacker News

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware

By Newsroom — October 25^th 2023 at 09:13

The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines. "The

The Hacker News

New Mockingjay Process Injection Technique Could Let Malware Evade Detection

By Ravie Lakshmanan — June 27^th 2023 at 14:22

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. "The injection is executed without space allocation, setting permissions or even starting a thread," Security Joes researchers Thiago Peixoto, Felipe Duarte, and Ido Naor said in a report shared with The Hacker News. "The

WIRED

How to Protect Yourself If Your School Uses Surveillance Tech

By Pia Ceres — October 10^th 2022 at 11:00

Colleges and K-12 campuses increasingly monitor student emails, social media, and more. Here’s how to secure your (or your child’s) privacy.

WIRED

This Chatbot Aims to Steer People Away From Child Abuse Material

By Matt Burgess — September 28^th 2022 at 06:00

Pornhub is trialing a new automated tool that pushes CSAM-searchers to seek help for their online behavior. Will it work?

The Hacker News

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

By Ravie Lakshmanan — June 11^th 2022 at 08:31

A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT