Currently Browsing: Security News
Credential stuffing is far from a new technique yet people’s propensity to re-use credentials has escalated the number of organizations trying to gain initial access through this vector. The opportunity for credential stuffing occurs when a data breach of user names and passwords is stolen from an organization. The hacker takes the hashed passwords and […]
How long should you wait to release an exploit publicly after you notify a company of a flaw in their software? Some organizations like CERT have a 45-day disclosure policy while Google’s Project Zero has a 90-day policy and ZDI has up to 120-days. Balancing the right amount of time can be tricky but a […]
In an attack now being dubbed ShadowHammer, Taiwan based tech company ASUS was compromised by a hacking team that used its trusted update to push malware down to half a million users throughout the globe. This is the latest software supply chain attack in a growing trend where hackers are gaining initial access to systems […]
Researchers at the ProofPoint Threat Research Team recently released a report detailing the growing trend of hackers abusing LinkedIn to pose as legitimate recruiters interested in hiring them for their next position. The hackers reach out through LinkedIn’s direct messaging service, pretending to be a staffing company with an offer of employment for someone with […]
As the never-ending cat and mouse game advances in the world of cyber security we have seen a novel growth in the methodologies of malicious actors to avoid the ever-growing list of defensive products on the market. According to the annual 2019 IBM X-Force Threat Intelligence Index, cybercriminals have decreased their reliance on malware and […]
