A U.K. law firm specializing in crime, family fraud, sexual offenses and other sensitive matters has been fined after a hack that led to a data leak on the dark web — something the company only learned about after authorities contacted it.
The Record from Recorded Future News – Read More
LastPass’ recent data breaches make it hard to recommend as a viable password manager in 2025. Learn more in our full review below.
Security | TechRepublic – Read More
LastPass’ recent data breaches make it hard to recommend as a viable password manager in 2025. Learn more in our full review below.
Security | TechRepublic – Read More
In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.
The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024.
“The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published earlier in
The Hacker News – Read More
Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities.
The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek.
SecurityWeek – Read More
In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads.
The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek.
SecurityWeek – Read More
Major companies have agreed to gradually reduce the lifetime of TLS certificates over the next few years.
The post Internet Giants Agree to Reduce TLS Certificate Lifespan to 47 Days by 2029 appeared first on SecurityWeek.
SecurityWeek – Read More
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.
While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
The Hacker News – Read More
The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem.
The 25-year-old CVE program is a valuable tool for vulnerability management, offering a de facto standard to
The Hacker News – Read More