The Hacking of Starlink Terminals Has Begun
It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes. SINCE 2018, ELON Musk’s Starlink has launched more than 3,000 small satellites into orbit. This satellite network beams internet connections to...
Discovering Domains via a Time-Correlation Attack on Certificate Transparency
Many modern websites employ an automatic issuance and renewal of TLS certificates. For enterprises, there are DigiCert services. For everyone else, there are free services such as Let’s Encrypt and ZeroSSL. There is a flaw in a way that deployment of TLS certificates...
Top 3 CyberSecurity Statistics You Must Know
Incident Response and its Best Practices Using Wazuh
Digital security for the business sector and enterprises is crucial. Keeping this in view, 2021 was marked by cyberattacks and major data breaches. Not just that, also ransomware has emerged as a major role in the cyber community. Wazuh is an open-source security...
Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware
A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such...
How Zero Trust can stop the catastrophic outcomes of cyberattacks on critical infrastructure
Over the last few years, essential organisations and services that support our society have become increasingly vulnerable to sophisticated cyberattacks So much so, a recent joint cybersecurity advisory showed that 14 out of the 16 critical national infrastructure...
Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP. A for-hire cybercriminal group is feeling the talent-drought in tech just...
Google Chrome Zero-Day Weaponized to Spy on Journalists
Candiru attackers breached a news agency employee website to target journalists with DevilsTongue spyware, researchers say. A zero-day vulnerability in Google Chrome was used by the established spyware group Candiru to compromise users in the Middle East —...
Rethinking Vulnerability Management in a Heightened Threat Landscape
Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist. Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over...