Messaging Service Wiretap Discovered through Expired TLS Cert
Fascinating story of a covert wiretap that was discovered because of an expired TLS certificate: The suspected man-in-the-middle attack was…
Security
ESET APT Activity Report Q2–Q3 2023
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 and Q3 2023
What is User and Entity Behavior Analytics (UEBA) ?
As the digital world continually transforms at a rapid pace, the necessity for high-grade, reliable safety controls becomes even more…
Weekly Update 371
Presently sponsored by: Got Linux? (And Mac and Windows and iOS and Android?) Then Kolide has the device trust solution…
Hello Alfred app exposes user data
Hello Alfred, an in-home hospitality app, left a database accessible without password protection, exposing almost 170,000 records containing private user…
What is Traffic Shaping ?
Unraveling the Enigma of Traffic Modulation Within the realm of digital information, data traffic parallels a high-speed freeway, ferrying packets…
iLeakage attack exploits Safari to steal data from Apple devices
Boffins devised a new iLeakage side-channel speculative execution attack exploits Safari to steal sensitive data from Macs, iPhones, and iPads.…
Cloudflare mitigated 89 hyper-volumetric HTTP distributed DDoS attacks exceeding 100 million rps
Cloudflare mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks exploiting the flaw HTTP/2 Rapid Reset. Cloudflare DDoS threat report…
Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible
Seiko confirmed a data breach after BlackCat attack
Japanese watchmaker Seiko revealed that the attack that suffered earlier this year was carried out by the Black Cat ransomware…