Technology

Cybersecurity researchers have unpacked a new Golang-based botnet called Kraken that’s under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. “Kraken already features the ability to download and execute secondary payloads, run shell commands, and take screenshots of the victim’s system,” threat intelligence firm

The practice of blurring out text using a method called pixelation may not be as secure as previously thought. While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original

If you haven’t heard of the term, you will soon enough. SOC 2, meaning System and Organization Controls 2, is an auditing procedure developed by the American Institute of CPAs (AICPA). Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. In other

Google on Wednesday announced plans to bring its Privacy Sandbox initiatives to Android in a bid to expand its privacy-focused, but also less disruptive, advertising technology beyond the desktop web. To that end, the internet giant said it will work towards building solutions that prevent cross-app tracking à la Apple’s App Tracking Transparency (ATT) framework,

The increasing volume and sophistication of cyberattacks have naturally led many companies to invest in additional cybersecurity technologies. We know that expanded threat detection capabilities are necessary for protection, but they have also led to several unintended consequences. The “more is not always better” adage fits this situation perfectly. An upcoming webinar by cybersecurity company

Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain remote code execution (RCE) on affected installations. “This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra,”

The European Union’s data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology’s “unprecedented level of intrusiveness” that could endanger users’ right to privacy. “Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which

VMware on Tuesday patched several high-severity vulnerabilities impacting ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere that could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. As of writing, there’s no evidence that any of the weaknesses are exploited in the wild. The list of six flaws is as follows –

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. “TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand,” Check Point

A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and propagation techniques to rope infected machines into a botnet, not to