Thinking Outside The Box [dusted off draft from 2017]
Preface Hello from the future! This is a blogpost I originally drafted in early 2017.
Aggregating 7827 articles from trusted cybersecurity sources
Preface Hello from the future! This is a blogpost I originally drafted in early 2017.
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found
Being seen as reliable is good for ‘business’ and ransomware groups care about 'brand reputation' just as much as their victims
If you don’t look inside your environment, you can’t know its true state – and attackers count on that
Posted by Chrome Root Program Team Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process ...
Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience.
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: inclu...
Posted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an i...
Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.
Posted by Nathan Parker, Chrome security team Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challen...
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025,...
Identity is effectively the new network boundary. It must be protected at all costs.
The ransomware group D1R claimed to have accessed a database of 40,000 entries from Synopsys and subsequently used this information to target Bosch, alleging...
The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. The post Synopsys Find...
The defendant's lawyer told Finnish media that he does not know where his client is but believes Kivimäki is outside Finland.
Effective data protection determines whether stolen information is actually usable and how much business and regulatory damage an organization suffers after ...
Supermarket giant Lidl has revealed details of a supplier breach impacting customer data
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers no...
The "Breach at the Beach" CTF, created by Varonis researchers Doron Kapah and Mark Vaitsman, simulates attacks within Entra ID, focusing on how threat actors...
The compromised data includes customer salutations, first and last names, phone numbers, email addresses, dates of birth, and customer numbers.
The breach was discovered after mass emails were sent from legitimate AFA domains, claiming Argentina "stole" the win from Egypt.
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed.
Following the breach of several of her Telegram channels, controversial Russian journalist Ksenia Sobchak claimed published screenshots of her correspondence...
German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached...