- Malware in PyPI Code Shows Supply Chain Risks
A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories.
- Europol Head Fears 5G Will Give Criminals an Edge
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
- Mirai Groups Target Business IoT Devices
More than 30% of Mirai attacks, and an increasing number of variants of the malicious malare, are going after enterprise IoT devices, raising the stakes for business.
- The Problem with Proprietary Testing: NSS Labs vs. CrowdStrike
Why apples-to-apples performance tests are the only way to accurately gauge the impact of network security products and solutions.
- Crack the Defenses of iOS and other Platforms at Black Hat USA
Get the latest insights into how to attack and defend platforms like iOS, MacOS, and Windows 10 at this upcoming August security conference.
- Security Lessons From a New Programming Language
A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process.
- BitPaymer Ransomware Operators Wage Custom, Targeted Attacks
A new framework is allowing the threat group to compile variants of the malware for each victim, Morphisec says.
- RDP Bug Takes New Approach to Host Compromise
Researchers show how simply connecting to a rogue machine can silently compromise the host.
- Open Source Hacking Tool Grows Up
Koadic toolkit gets upgrades – and a little love from nation-state hackers.
- 8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
- Bulgarian Tax Breach Nets All the Records
An attack by a 'wizard hacker' results in leaked records for virtually every Bulgarian taxpayer.
- How Capture the Flag Competitions Strengthen the Cybersecurity Workforce
These competitions challenge participants with problems involving digital forensics, cryptography, binary analysis, web security, and many other fields.
- 79% of US Consumers Fear Webcams Are Watching
Widespread privacy concerns have caused 60% of people to cover their laptop webcams – some in creative ways – survey data shows.
- Calculating the Value of Security
What will it take to align staff and budget to protect the organization?
- MITRE ATT&CK Framework Not Just for the Big Guys
At Black Hat, analysts from MITRE and Splunk will detail how organizations of many different sizes are leveraging ATT&CK's common language.
- Bluetooth Bug Enables Tracking on Windows 10, iOS & macOS Devices
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
- 800K Systems Still Vulnerable to BlueKeep
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says.
- Sprint Reveals Account Breach via Samsung Website
The last-June breach exposed data including names, phone numbers, and account numbers.
- A Password Management Report Card
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
- Data Loss, Leakage Top Cloud Security Concerns
Compliance, accidental exposure of credentials, and data control are also primary concerns for senior IT and security managers.