All posts

We regularly create new SIEM rules, but behind the scenes lies a more fundamental process —the evolution of the correlation rules themselves.

We’ve revisited our study on the crackability of real-world passwords leaked on the dark web — originally conducted two years ago. The findings are sobering: nearly every other password can be cracked in under a minute, and three out of five take less than an hour. How can we move away from insecure passwords?

The new VoidStealer Trojan utilizes a novel method to bypass Chrome’s App-Bound Encryption, allowing it to hijack sessions and steal user data.

A targeted supply chain attack via popular software for mounting disk images.

How and why droids from a galaxy far, far away switch their allegiances.

How law enforcement and intelligence agencies leverage data from connected vehicles, and what your car might be leaking about you.

Building a functional app without programming skills is now a possibility, but maintaining it and ensuring cybersecurity remains a challenge. Here are several protective measures that even non-technical creators can implement.

We’ve discovered over two dozen phishing apps mimicking popular crypto wallets right in the official App Store. Here’s a breakdown of the new waves of attacks targeting iPhone and Mac users and their crypto holdings.

Researchers have established that fiber-optic cables can be exploited for eavesdropping. We’re breaking down how feasible such an attack is in a real-world scenario.

As tax-return season rolls around, cybercriminals worldwide are shifting into high gear. They peddle fraudulent services, spoof official tax agency websites, and drain the bank accounts of unsuspecting taxpayers. Here’s how to spot phishing attempts and scams, along with tips for handling your tax documents securely

We’re breaking down why developers have moved into the crosshairs, the specific tactics attackers are using, and how to reduce the risks of company infrastructure being compromised.

The emergence of DarkSword and Coruna — new malware targeting iOS — shows exactly how government intelligence tools are being repurposed as weapons for cybercriminals. We break down how these attacks work, why they’re so dangerous, and what you can do to not get infected.

We’re diving into how the Be My Eyes app helps blind and low-vision users, checking if it’s actually effective at spotting cyberthreats, and sharing essential safety tips for the visually impaired community.

GDDRHammer, GeForge, and GPUBreach: three new research papers diving into attacks that exploit the Rowhammer technique.

Smart sex toys and their companion apps collect and process some extremely personal data. We break down the risks involved, and ways to protect your privacy.

Kaspersky experts have detected fake websites that steal money from BTS fans during ticket pre sales. We explain how to stay vigilant and not fall victim to the scammers.

Protecting a security console is more critical than one might think. Here’s the lowdown on control-layer compromise, and how to keep it from happening.

Telehealth services and apps are blowing up in popularity right now, making the availability of medical services better than ever. But just how safe is telemedicine, and what kind of risks does it carry?

How to manage vulnerabilities when developing or using open-source software.

How the AI boom and increasing reliance on open-source components are piling up corporate security debt — and what you can actually do about it.

The new CrystalX remote access Trojan looks like the prank viruses of the 90s on the surface, but it causes a lot more damage. It spies on all that’s happening on your computer, steals cryptocurrency and accounts, and gives the attacker full control over your device. We break down how it works, and how to avoid becoming a victim.