WIRED
Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight
January 25^th 2024 at 21:30

Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight

By Lily Hay Newman

Newly disclosed breaches of Microsoft and Hewlett-Packard Enterprise highlight the persistent threat posed by Midnight Blizzard, a notorious Russian cyber-espionage group.

Related tags
January 25^th 2024 at 21:30

WIRED
A Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data
January 16^th 2024 at 17:00

A Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data

By Lily Hay Newman, Matt Burgess

Patching every device affected by the LeftoverLocals vulnerability—which includes some iPhones, iPads, and Macs—may prove difficult.

Related tags
January 16^th 2024 at 17:00

The Hacker News
Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
December 21^st 2023 at 07:22

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

By Newsroom

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's

Related tags
December 21^st 2023 at 07:22

Naked Security
Serious Security: That KeePass “master password crack”, and what we can learn from it
May 31^st 2023 at 19:39

Serious Security: That KeePass “master password crack”, and what we can learn from it

By Paul Ducklin

Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don't panic.)

Related tags
May 31^st 2023 at 19:39

Naked Security
OpenSSL fixes High Severity data-stealing bug – patch now!
February 8^th 2023 at 02:58

OpenSSL fixes High Severity data-stealing bug – patch now!

By Paul Ducklin

7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...

Related tags
February 8^th 2023 at 02:58

WIRED
The Rise of Rust, the ‘Viral’ Secure Programming Language That’s Taking Over Tech
November 2^nd 2022 at 18:27

The Rise of Rust, the ‘Viral’ Secure Programming Language That’s Taking Over Tech

By Lily Hay Newman

Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can’t come soon enough.

Related tags
November 2^nd 2022 at 18:27

WIRED
Spyware Hunters Are Expanding Their Tool Set
August 18^th 2022 at 21:42

Spyware Hunters Are Expanding Their Tool Set

By Lily Hay Newman

This invasive malware isn’t just for phones—it can target your PC too. But a new batch of algorithms aims to weed out this threat.

Related tags
August 18^th 2022 at 21:42

The Hacker News
OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability
June 28^th 2022 at 08:59

OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability

By Ravie Lakshmanan

The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. The issue has been identified in OpenSSL version 3.0.4, which was released on June 21, 2022, and impacts x64 systems with the AVX-512 instruction set. OpenSSL 1.1.1 as well as OpenSSL forks BoringSSL and LibreSSL are not affected.  Security

Related tags
June 28^th 2022 at 08:59