Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.
North Korean hackers are escalating their operations, posing as candidates for remote positions at multinational companies.
These hackers are leveraging their disguises to steal trade secrets and siphon cryptocurrency funds, contributing significantly to the regime’s coffers. Researchers at the Cyberwarcon cybersecurity conference identified two North Korean hacker groups, Sapphire Sleet and Ruby Sleet, as key players in these schemes.
Passwords are falling out of fashion with younger generations around the world, as passkeys provide faster and more secure login without the hassle of remembering, new research has claimed.
New data from FIDO Alliance shows passkey awareness has risen from 39% familiarity in 2022, to 57% in 2024.
Law enforcement agencies from eight nations, led by Australia, have issued an advisory that details the tradecraft used by China-aligned threat actor APT40 – aka Kryptonite Panda, GINGHAM TYPHOON, Leviathan and Bronze Mohawk – and found it prioritizes developing exploits for newly found vulnerabilities and can target them within hours.
Investigating how the world’s largest software provider handles the security of its own ubiquitous products.
After Russian intelligence launched one of the most devastating cyber espionage attacks in history against US government agencies, the Biden administration set up a new board and tasked it to figure out what happened—and tell the public.
After "cyber incidents" on June 19 and 20 took down CDK Global, a software-as-a-service vendor for more than 15,000 car dealerships, forum and Reddit comments by service tech workers and dealers advised their compatriots to prepare for weeks, not days, before service was restored.
Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to give attackers complete control of Linux and Unix servers with no authentication required.
Indonesia has been rocked by a cyberattack that has impacted more than 40 government agencies, including the immigration ministry and operations at major airports. The latest attack – the worst the country has seen in years – has also disrupted immigration services and affected operations at government data centres, officials say.
Some 44 government agencies, including key ministries, were targets of a ransomware attack, an official from the communications ministry, said this week. The notorious Lockbit cybercrime gang has demanded an $8 million ransom.
A new report released today by Cisco Talos is warning of the implications of the recent Snowflake Inc.-related cloud data platform breach and how the comprised accounts highlight the vulnerabilities inherent in cloud environments.
A critical vulnerability recently discovered in a widely used piece of software is putting huge swaths of the Internet at risk of devastating hacks, and attackers have already begun actively trying to exploit it in real-world attacks, researchers warn.
