Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks.
Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers.
Polish security researcher unveiled the flaw in a cross-browser sharing API that could allow attackers to steal user files.
Researchers reveal technology called SpiKey that can ‘listen’ to the clicks a key makes in a lock and create a duplicate from the sounds.
The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.
An authentication-bypass vulnerability allows attackers to access network assets without credentials when SAML is enabled on certain firewalls and enterprise VPNs.
The adversaries have the hallmarks of an advanced, organized group, with well-established infrastructure.
Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.