Over the past two years, the banking sector across the Middle East, Turkey, and Africa has witnessed a marked evolution in cash-out schemes driven by so-called “money mules.” According to Group-IB, drawing on data...
Since the introduction of serialization through the Marshal module in the Ruby programming language, developers and security experts have been drawn into a protracted game of “bypass and patch.” The history of these vulnerabilities...
Against the backdrop of the rapidly growing number of vulnerabilities confronting companies worldwide, researchers from the Rochester Institute of Technology, the University of Hawaiʻi, and Leidos have conducted the most extensive comparative study to...
While Microsoft has been vigorously promoting its Copilot AI product line, promising users greater convenience and productivity, a troubling flaw has been uncovered in the M365 ecosystem—one that undermines the very foundations of security...
In recent days, Telegram channels and news outlets have been actively circulating reports of an alleged Europol bounty of $50,000 for information leading to the capture of two leaders of the notorious ransomware group...
bkcrack Crack legacy zip encryption with Biham and Kocher’s known-plaintext attack. Overview A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a...
AzureGoat: A Damn Vulnerable Azure Infrastructure Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web applications, is all an...
The malware Android.Backdoor.916.origin, uncovered by Doctor Web’s research laboratory, specifically targets the corporate sector in Russia and possesses extensive capabilities for surveillance and data theft. Its primary purpose is not mass infection but rather...
Experts from Insikt Group have presented the first comprehensive investigation into the activities of Lumma Stealer affiliates—one of the most widespread families of data-stealing malware. Covering the period from mid-2024 through the first half...
A new entrant from the United Arab Emirates has shaken up the tightly controlled vulnerability market. Advanced Security Solutions, launched in August, has announced its willingness to pay up to $20 million for smartphone...
Microsoft has restricted Chinese companies’ access to early notifications about vulnerabilities in its products. The decision follows an internal investigation into potential leaks from the Microsoft Active Protections Program (MAPP), a system designed to...
Amid the escalating wave of cyberthreats—particularly from advanced threat groups—one of the most dangerous yet persistently underestimated attack vectors remains almost unchanged: the compromise of user accounts through password guessing. According to the newly...
