Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements.

read more

U.S sanctions against Afghanistan have exacerbated starvation, poverty, and made life even more perilous for the millions living under Taliban occupation. However, people both within and outside the country have been experimenting with crypto options to overcome legal and financial barriers. Coders without borders An investigation by The Intercept interviewed the CEO of a coding school […]

An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues

01 Exchange says it's "the first fully-decentralized derivatives exchange to support orderbook-based power perpetuals and perpetual futures on Solana."

A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years. The disruption of the BEC network is the result of a ten-day investigation dubbed Operation Falcon II undertaken by the Interpol along with

Gone are the days when ransomware operators were happy with encrypting files on-site and more or less discretely charged their victims money for a decryption key. What we commonly find now is encryption with the additional threat of leaking stolen data, generally called Double-Extortion (or, as we like to call it: Cyber Extortion or Cy-X). This is a unique form of cybercrime in that we can

Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an " input validation vulnerability that could allow attackers to build a query given some input and send that

Bitcoin both fits into and defies all of the major theoretical models developed in recent history, speaking to just how early we are.

The impact of Bitcoin on war will not simply be the eradication of violence, a problem of humanity since the dawn of time.

Once attackers have obtained access, they can compromise other systems or pivot within your networks.

More than 50,000 targets around the world have been affected by the business email compromise scams, Interpol reports.

A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation, a blunder that greatly increased exposure to malicious hacker attacks.

read more