Cybersecurity
Two world wars had raged within three decades, costing over 100 million lives, when history’s most destructive weapon was deployed in August 1945. The horrific prospect of nuclear-fueled, mutually assured destruction has kept superpowers in check since then, and a cyber…
Parallels between this modern cyber arms race and the race to nuclear capabilities that plagued the previous century have been exhausted, to encapsulate the rapid expansion and increasing volatility of the cyber threat landscape in recent years. In the past year alone…
Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. Cryptomining gangs are a constant threat to poorly secured or misconfigured Docker systems, with multiple mass-exploitation…
An FBI alert released this week indicates that the law enforcement organization has tracked at least 60 ransomware attacks by the BlackCat (ALPHV) group as of March. The white notice also says BlackCat is the first ransomware group to attack this many victims…
The "hotpatch" released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. "Aside from containers, unprivileged…
An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability [...] can be easily exploited by an attacker by sending a malicious email to…
The multibillion-dollar data brokerage industry is virtually unregulated and poses a grave national security threat by advertising and selling information it has culled on military personnel, cybersecurity experts and a U.S. senator say. Justin Sherman, a fellow at the…
Pwn2Own Miami 2022 has ended with competitors earning $400,000 for 26 zero-day exploits (and several bug collisions) targeting ICS and SCADA products demoed during the contest between April 19 and April 21. Security researchers targeted multiple production categories…
Over the last two months, the number of cyberattacks against Ukrainian government agencies, security and defense services, and commercial organizations has soared. Before the war, Russia-linked hackers mostly attacked Ukraine to sow fear or panic and undermine trust in…
Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices. According to Israeli…