Sophisticated Covert Cyberattack Campaign Targets Military Contractors Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities.
Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and business of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys.
Container Supply Chain Attacks Cash In on Cryptojacking Cloud-native threats are costing cloud customer victims money as cryptojackers mine their vulnerable cloud instances.
Google Cloud DORA: Securing the Supply Chain Begins With Culture The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout.
Fast Company CMS Hack Raises Security Questions The company's website remains offline after hackers used its compromised CMS to send out racist messages.
Google Quashes 5 High-Severity Bugs With Chrome 106 Update External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.
Time to Change Our Flawed Approach to Security Awareness Defend against phishing attacks with more than user training. Measure users' suspicion levels along with cognitive and behavioral factors, then build a risk index and use the information to better protect those who are most vulnerable.
The Countdown to DORA With provisional agreement reached on the Digital Operational Resilience Act, the clock is now ticking for banks and information and communications technology (ICT) services companies with European operations. Here's what you need to know.
Phishing Attacks Crushed Records Last Quarter, Driven by Mobile Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.
