News related to computer security, privacy and data protection
The US cyber security agency CISA turned the alarms on again this week by including three serious failures in its catalogue of Known Exploited Vulnerabilities (KEV), a record that…
A recent campaign shows that attackers no longer need to exploit software vulnerabilities to enter corporate networks: it is enough to deceive people. Researchers from the BlueVoy…
A malicious package published in the npm record is passed through a legitimate installer called OpenClaw and has been used to deploy a remote access Trojan (RAT) that steals sensi…
A sophisticated attack directed at a cryptomoneda ecosystem company has again highlighted how an intrusion that begins in a developer's personal device can end up emptying portfol…
Password reviews are part of the security ritual in many organizations: they serve to demonstrate compliance, reduce obvious risks and show that basic controls exist. However, too…
In recent years, medium-sized organizations have moved from looking for reactive solutions to proactively demonstrating that they meet safety standards comparable to those of larg…
In recent weeks, worrying cases of extensions have come to light for Google Chrome that, after being changed hands, have become attack vectors capable of running malicious code an…
A recent report by Palo Alto Networks Unit 42 has revealed a persistent campaign attributed to an actor linked to China who has been targeting high-value organizations in South, S…
A few days ago the daily account of a digital scam reached the highest steps of European law: a Polish client lost money after falling into a phishing attack and his bank, PKO BP,…
