Technology

The U.S. government on Thursday announced a $10 million reward for information that may lead to the identification or location of key individuals who hold leadership positions in the DarkSide ransomware group or any of its rebrands. On top of that, the State Department is offering bounties of up to $5 million for intel and […]

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from

Cybersecurity researchers have disclosed a security flaw in the Linux Kernel’s Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. The heap overflow vulnerability “can be exploited locally or remotely within a network to

The U.S. Commerce Department on Wednesday added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in “malicious cyber activities.” The agency said the two companies were added to the list based on evidence that “these entities developed and supplied spyware to foreign governments that used these tools

This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvision’s Executive Education Program, a series of events focused on how enterprises are taking charge of the API security lifecycle. Launching the “Security in Agile” program Headquartered in Vienna, Raiffeisen Bank International (RBI) operates

Facebook’s newly-rebranded parent company Meta on Tuesday announced plans to discontinue its decade-old “Face Recognition” system and delete a massive trove of more than a billion users’ facial recognition templates as part of a wider initiative to limit the use of the technology across its products. The Menlo Park tech giant described the about-face as “one of the largest

The operators behind the Mekotio banking trojan have resurfaced with a shift in its infection flow so as to stay under the radar and evade security software, while staging nearly 100 attacks over the last three months. “One of the main characteristics […] is the modular attack which gives the attackers the ability to change

For most organizations today, the logs produced by their security tools and environments provide a mixed bag. On the one hand, they can be a trove of valuable data on security breaches, vulnerabilities, attack patterns, and general security insights. On the other, organizations don’t have the right means to manage the massive scale of logs

An analysis of new samples of BlackMatter ransomware for Windows and Linux has revealed the extent to which the operators have continually added new features and encryption capabilities in successive iterations over a three-month period. No fewer than 10 Windows and two Linux versions of the ransomware have been observed in the wild to date,

Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation. Use-after-free