Former NSA cyber director warns drastic job cuts threaten national security
A retired top cybersecurity official from the National Security Agency warned a key House panel that widespread cuts to federal probationary workers could severely harm…
Month: March 2025
Google paid $12 million in bug bounties last year to security researchers
Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in…
Review: The Cybersecurity Trinity – Help Net Security
The Cybersecurity Trinity provides a comprehensive approach to modern cybersecurity by integrating AI, automation, and active cyber defense (ACD) into a unified strategy. Instead of…
How ads weirdly know your screen brightness, headphone jack use, and location, with Tim Shott (Lock and Code S06E05)
This week on the Lock and Code podcast… Something’s not right in the world of location data. In January, a location data broker named Gravy…
Critical PHP vulnerability under widespread cyberattack
Dive Brief: CVE-2024-4577, a critical argument-injection vulnerability that affects PHP installations in Windows systems, has come under widespread exploitation in several countries such as the…
Swiss critical sector faces new 24-hour cyberattack reporting rule
Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the…
Twitter not down due to Cyber Attack
On March 10, 2025, Twitter users across the globe experienced widespread disruptions in service while attempting to access their accounts. The outage impacted users worldwide,…
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Mar 10, 2025Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on.…
Fake CAPTCHA websites hijack your clipboard to install information stealers
There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may…
2024: the year misconfigurations exposed digital vulnerabilities
Imagine the impact of a sudden service disruption on your business. Customers unable to access your platform, transactions put on hold, and your team racing…
Passwords in the new era of computing security
Last August, the National Institute of Standards and Technology (NIST) released its first three finalized post-quantum encryption standards, designed to withstand attacks from quantum computers.…
Detectify Alfred helps security teams collect threat intelligence
Detectify announced Alfred, a system that uses AI to completely autonomously source, prioritize, and generate high-fidelity security tests for the CVEs that are most likely…