Your blog category
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are… Read More »North Korean Hackers Targeting Developers with Malicious npm Packages
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end,… Read More »LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said. The development comes following… Read More »Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign… Read More »Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was… Read More »Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed… Read More »Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their… Read More »How to Use Tines’s SOC Automation Capability Matrix
Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability,… Read More »Researchers Detail Apple’s Recent Zero-Click Shortcuts Vulnerability
The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users’ browsing data to advertisers after claiming its… Read More »FTC Slams Avast with $16.5 Million Fine for Selling Users’ Browsing Data
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a… Read More »Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage