News

Sophisticated groups not always so easy to pick out

Government-backed spies and hackers are increasingly using commercially available malware – thanks to a flourishing market of off-the-shelf software nasties – making it harder for researchers to identify who exactly is behind a cyber-attack.…

An explosive Bloomberg report, if true, would highlight the largest supply chain attack to have been launched against American corporations.

We know it was GRU

The UK government pointed the finger at Russian military intelligence for a litany of cyber nasties in an alert it issued this morning.…

Along came some spiders and saw the unsubscribers...

Cloud-based email marketing service SendGrid has copped to blabbing customer email addresses, chalking it up to some overenthusiastic indexing without explaining why pages were public-facing in the first place.…

This code-signing issue represents a new attack vector, according to the researcher.

Chipzilla's security through obscurity withers under scrutiny

In its ongoing exploration of Intel's Management Engine (ME), security biz Positive Technologies has reaffirmed the shortsightedness of security through obscurity and underscored the value of open source silicon.…

A converged architecture that brings independent software vendors, cloud vendors and IoT vendors together is reshaping the security landscape.

Phantom Secure's Vincent Ramos faces 20 years in clink

The CEO of a company that took Blackberry phones, stripped them of their cameras, microphones and GPS and then installed encryption software in order to create a secure phone, has pleaded guilty to conspiring with drug cartels.…

Supply-chain attacks are on the rise, but machine learning provides the edge that the security industry needs to keep up.

Weakness not easy to leverage, but iDRAC exploit would mean game over for admins

A pair of IT professionals have uncovered a potentially serious flaw in the hardware management tools for older Dell servers.…

Experts say Friday's breach remains a dangerous potential access point to even more third-party apps and websites.

Attractive to both white-hats and cybercriminals, AI's role in security has yet to find an equilibrium between the two sides.

Businesses are increasingly adopting artificial intelligence, but all too often these platforms don't feature security-by-design.

State-sponsored hacking meets financial acquisition with APT38

A new state-sponsored attack from North Korea is being seen as an effort by the cash-strapped dictatorship to raise funds by exploiting foreign banks.…