Cybersecurity Blog
Google to Block Entrust Certificates in Chrome Starting November 2024
Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around ...
Your Phone’s 5G Connection Is Vulnerable to Bypass, DoS Attacks
One attack involves setting up a fake base station using a Raspberry Pi or a software-defined radio (SDR). These devices ...
Operation First Light Seizes $257m in Global Scam Bust
Police forces from 61 countries have collaborated in Operation First Light 2024, led by Interpol, resulting in the ...
Critical GitLab Bug Lets Attackers Run Pipelines as Any User
A critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. ...
Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer
A sophisticated multi-stage malware campaign by the threat actor “Water Sigbin” (also known as the 8220 ...
MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems
MerkSpy is designed to covertly monitor user activities, capture sensitive information like keystrokes and Chrome login ...
China-Sponsored Attackers Target 40K Corporate Users in 90 Days
The campaigns, named LegalQloud, Eqooqp, and Boomer, deploy highly evasive and adaptive threat (HEAT) attack techniques ...
New Unfurling Hemlock Threat Actor Floods Systems with Malware
Unfurling Hemlock is using a new method, referred to as a “malware cluster bomb,” which allows the threat ...