Insights, updates, and deep dives into cybersecurity, cloud technology, and AI innovation.

After the Falcon update caused widespread IT outages, attackers quickly crafted phishing campaigns, posing as CrowdStrike support, to deliver malicious payloads. One notable campaign involves a fraudulent CrowdStrike recovery manual that installs the Daolpu info-stealer.

A recent update to CrowdStrike Falcon caused significant disruptions globally by crashing Windows systems. The update's faulty component led to numerous systems encountering boot loops or the Blue Screen of Death (BSOD).

Law enforcement has a powerful new tool in the fight against child sexual abuse material (CSAM). Researchers identified thousands of CSAM website users by analyzing information stolen by malware. This innovative approach involves cross-referencing stolen login credentials with known CSAM domains. By combining this with open-source intelligence (OSINT) gathered from publicly available information, researchers were able to link stolen credentials to real users.

Google is upping the ante on virtual machine security with the launch of kvmCTF, a new bug bounty program. This program specifically targets vulnerabilities within the KVM hypervisor, a technology fundamental to running virtual machines.

A recently discovered vulnerability in OpenSSH servers, designated CVE-2024-6387 and named regreSSHion, poses a significant security risk. This flaw could allow unauthorized actors to remotely execute code on vulnerable systems.

Google recently enhanced Chrome Enterprise Core, a free browser management tool for organizations. These improvements aim to streamline browser control for IT and security teams. While a paid version, Chrome Enterprise Premium, offers advanced security features, Chrome Enterprise Core focuses on configuration and policy management.

Google's Project Naptime tackles cybersecurity through a novel method: AI-powered vulnerability research. Unlike traditional manual code audits, Project Naptime employs a large language model (LLM) to mimic a security researcher.

A cunning malware campaign is targeting users with fake Google Chrome errors, Microsoft Word errors, and even fake OneDrive errors. These deceptive messages aim to trick people into running malicious PowerShell scripts that can infect their devices with malware.

VMware released critical security patches to address remote code execution (RCE) vulnerabilities in vCenter Server. These vulnerabilities could allow attackers to gain full control over affected systems.