Cyber Due Diligence
Mozilla Says It’s Finally Done With Two-Faced Onerep
In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox...
‘Matrix Push’ C2 Tool Hijacks Browser Notifications
Have you ever given two seconds of thought to a browser notification? No? That's what hackers bent on phishing are counting on.
WhatsApp ‘Eternidade’ Trojan Self-Propagates Through Brazil
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal...
Fortinet Woes Continue With Another WAF Zero-Day Flaw
A second zero-day vulnerability in its web application firewall (WAF) line has come under attack, raising more questions about the vend...
Do National Data Laws Carry Cyber-Risks for Large Orgs?
When international corporations have to balance competing cyber laws from different countries, the result is fragmented, potentially vu...
The AI Attack Surface: How Agents Raise the Cyber Stakes
Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent's goals and how agent interaction can be altered to comp...
Cloudflare Blames Outage on Internal Configuration Error
Initially though to be a DDoS attack, the incident was actually due to a routine change in permissions that caused widespread software ...
Critical Railway Braking Systems Open to Tampering
It only takes recycled cans, copper, and cheap gadgets off the Web to trick a train conductor into doing something dangerous.
US Creates ‘Strike Force’ to Take Out SE Asian Scam Centers
The collaborative effort combines multiple federal departments, along with private companies to reduce, if not eliminate, billions lost...
Cloud Break: IoT Devices Open to Silent Takeover Via Firewalls
IoT devices can be compromised, thanks to gaps in cloud management interfaces for firewalls and routers, even if they're protected by s...