Security
Headlines
HeadlinesLatestCVEs

Source

Threatpost

TA551 Shifts Tactics to Install Sliver Red-Teaming Tool

A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.

Threatpost
#Bug Bounty#Privacy#Vulnerabilities#Malware#Web Security
Gigabyte Allegedly Hit by AvosLocker Ransomware

If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds.

Why is Cybersecurity Failing Against Ransomware?

Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo.

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.

Geriatric Microsoft Bug Exploited by APT Using Commodity RATs

Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that's as potent as it is ancient.

Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services

The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and in cloud services such as Twilio Electric Imp.