Fraud Investigation Techniques
Storm-0249 Abuses EDR Processes in Stealthy Attacks
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-pre...
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on v...
Feds: Pro-Russia Hactivists Target US Critical Infrastructure
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive,...
Japanese Firms Suffer Long Tail of Ransomware Damage
Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to reco...
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Pa...
Microsoft Fixes Exploited Zero Day in Light Patch Tuesday
Proof-of-concept exploit code is publicly available for two other flaws in this month's Patch Tuesday. In total, the company issued pat...
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reac...
Analysts Warn of Cybersecurity Risks in Humanoid Robots
Think "Blade Runner," but the robots can be hacked more easily than your home computer.
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensit...
Apache Issues Max-Severity Tika CVE After Patch Miss
The Apache Software Foundation's earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated ...