Category: Security

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management […]

Steve Bellovin is retiring. Here’s his retirement talk, reflecting on his career and what the cybersecurity field needs next. ————— Free Unlimited, […]

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. […]

Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace […]

Zero-day vulnerabilities are more commonly used, according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities […]

Fantastic video of a female Gonatus onyx squid swimming while carrying her egg sack. An earlier related post. Blog moderation policy. ————— […]

Posted by Alex Rebert and Max Shavrick, Security Foundations, and Kinuko Yasada, Core DeveloperAttackers regularly exploit spatial memory safety vulnerabilities, which occur […]

Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight […]

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 […]

Everybody is reporting about a new security iPhone security feature with iOS 18: if the phone hasn’t been used for a few […]