Uncategorized

Results from the latest ATT&CK Evaluations for endpoint detection and response solutions.

Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations

Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins

A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]

Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. […]

A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. […]

Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. […]

​The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech (also known as Yongxin Zhicheng) for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. […]

Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. […]

Apple has agreed to pay $95 million to settle a class action lawsuit in the U.S. alleging that its Siri assistant recorded private conversations and shared them with third parties. […]