Fraud Investigation Techniques
China’s ‘PlushDaemon’ Hackers Infect Routers to Hijack Software Updates
A unique take on the software update gambit has allowed Beijing's state-sponsored advanced persistent threat (APT) to evade attention a...
Same Old Security Problems: Cyber Training Still Fails Miserably
Editors from Dark Reading, Cybersecurity Dive, and TechTarget Search Security break down the depressing state of cybersecurity awarenes...
Mozilla Says It’s Finally Done With Two-Faced Onerep
In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox...
‘Matrix Push’ C2 Tool Hijacks Browser Notifications
Have you ever given two seconds of thought to a browser notification? No? That's what hackers bent on phishing are counting on.
WhatsApp ‘Eternidade’ Trojan Self-Propagates Through Brazil
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal...
Fortinet Woes Continue With Another WAF Zero-Day Flaw
A second zero-day vulnerability in its web application firewall (WAF) line has come under attack, raising more questions about the vend...
Do National Data Laws Carry Cyber-Risks for Large Orgs?
When international corporations have to balance competing cyber laws from different countries, the result is fragmented, potentially vu...
The AI Attack Surface: How Agents Raise the Cyber Stakes
Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent's goals and how agent interaction can be altered to comp...
Cloudflare Blames Outage on Internal Configuration Error
Initially though to be a DDoS attack, the incident was actually due to a routine change in permissions that caused widespread software ...
The Cloudflare Outage May Be a Security Roadmap
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudfla...