Tag
#ios
Plus: More Pegasus spyware controversy, a major BIOS controversy, and more of the week’s top security news.
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"
Mimecast's acquisition of Code42 helps the company move into insider risk management, joining key rival Proofpoint and others in the space.
Our critical systems can be protected from looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals.
Multi Store Inventory Management System version 1.0 suffers from an insecure direct object reference vulnerability.
While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure their applications, regardless of what phase they are in in development or deployment. In this article, we will
Although there was a decrease in BEC engagements from last quarter, it was still a major threat for the second quarter in a row.
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. "An attacker could escalate their privileges to the Default Cloud Build Service Account and
The good news: Only organizations far behind on standard Windows patching have anything to worry about.