A sea change in available data fuels fresh insights from the first half of 2024

Results from the latest ATT&CK Evaluations for endpoint detection and response solutions.

Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations

Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins

A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]

Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. […]

A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. […]

Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. […]

​The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech (also known as Yongxin Zhicheng) for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. […]

​Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. […]