In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.

Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life when having phisical access to a locked mobile device

Being cloud native won’t save you from external threats if you as a user are not aware of basic security...

Volexity has conducted the following research in collaboration with RiskIQ. We will discuss the same incident from different perspectives. RiskIQ's...

While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.

Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers

While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.

In episode of 5 O11ycast, Rachel and Charity speak with Anton Chuvakin, Research VP at Gartner for Technical Professionals, about the ways modern companies make, or don't make, decisions around security.

2 votes and 1 comment so far on Reddit

Advancing Transparency and Accountability in the Cybersecurity Industry

2 votes and 0 comments so far on Reddit

X41 Researched into the security of FAX machines and identified remotely exploitable vulnerabilities.

1 vote and 0 comments so far on Reddit

The following editorial will take you inside the dark world of data brokering, as we expose the backroom deals in which fifteen years of customer data from defunct Canadian retailer NCIX were sold.

The concept of "packing" or "crypting" a malicious program is widely popular among threat actors looking to bypass or defeat analysis by static and dynamic analysis tools.

Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.