Nearly all keyboard apps that allow users to enter Chinese characters into their Android, iOS, or other mobile devices are vulnerable to attacks that...
Nearly 70% of the 600 fraud-management, anti-money laundering, and risk and compliance officials surveyed in BioCatch's first-ever AI-focused fraud and financial crime report say criminals are more...
A state-sponsored threat actor has exploited two Cisco zero-day vulnerabilities in firewall devices to target the perimeter of government networks with two custom-built backdoors,...
COMMENTARYIn an earlier article, I covered what the Securities and Exchange Commission's (SEC) SolarWinds' indictments and four-day rule mean for DevSecOps. Today, let's ask a different...
PRESS RELEASETampa Bay, FL (April 24, 2024) – KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it...
An adversary doesn't need sophisticated technical skills to execute a broad software supply chain attack like the ones experienced by SolarWinds and CodeCov. Sometimes,...
An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the...
COMMENTARYWaterfall Security Solutions, in collaboration with ICS Strive, recently released its "2024 Threat Report." The bad news is that, in 2023, there were 68 cyberattacks that...
Virtual file transfer system provider CrushFTP and various security researchers are sounding the alarm about a sandbox escape flaw in the CrushFTP server that...
Virtual personal assistants powered by artificial intelligence are becoming ubiquitous across technology platforms, with every major tech firm adding AI to their services and...
Siemens is urging organizations using its Ruggedcom APE1808 devices configured with Palo Alto Networks (PAN) Virtual NGFW to implement workarounds for a maximum severity...