Threat Management

The DPRK's Lazarus threat group allegedly breached over 100 devices in several countries, including the U.S., Canada, Japan and Taiwan, according to Microsoft.

Researchers finally detail Netflix screencast bug that opened smart TVs to a video hijacking attacks.

Outpost24 researchers expect LummaC2 4.0 malware to evolve with improved obfuscation techniques and updates to its control panel.

Novel products aimed at strengthening application security among software developers have been launched by Veracode, according to SiliconAngle.

Jamf says North Korean subgroup of the financially motivated Lazarus Group targets specific users the threat actors believe have access to cryptocurrency.

Aqua Nautilus researchers claim they’ve observed the first documented exploit of the "Looney Tunables" vulnerability by threat actor Kinsing.

The Forum of Incident Response and Security Teams (FIRST) published CVSS 4.0 with an eye toward delivering finer granularity around threat intelligence metrics.

Vulnerable SSH servers could be compromised to secure private RSA host keys through a new passive attack method that involves the observation of computational faults during the signing process that exposes the private keys, The Hacker News reports.

Researchers speculate that Chinese authorities may be responsible for turning off one of the internet’s most prolific IoT botnets.

Learn about the evolution of UEFI, various aspects of supply chain security surrounding UEFI, and the interactions between links in the supply chain that ultimately end up delivering you a computer or server. Segment Resources: https://uefi.org/sites/default/files/resources/What%20is%20UEFI-Aug31-2023-Final.pdf This segment is sponsored by Ecl...