NEWS

Penetration Testing Services: what to look for in a pen test provider

These days computers and the software that operate upon them touch practically every part of our professional and personal lives. The information they store, process and transmit is the foundation upon which businesses are built, how customer experiences are delivered, and how we find the best takeout food in our immediate area. So why is … Continue reading Penetration Testing Services: what to look for in a pen test provider

US Counterintelligence Director & Fmr. Europol Leader Talk Election Security

The US counterintelligence lead joins a former Europol cyber chief to discuss modern election threats and the benefits of public-private collaboration. Nations worldwide have faced the challenge of maintaining trustworthy elections in the face of evolving cyberthreats. As the United States rapidly approaches its 2020 presidential election, officials are concerned about how to best protect … Continue reading US Counterintelligence Director & Fmr. Europol Leader Talk Election Security

Nation-state actor hit Google with the largest DDoS attack

In an overview of distributed denial-of-service (DDoS) trends targeting its network links, Google revealed that in 2017 a nation-state actor used massive firepower that amounted to more than 2.54 terabits per second. The actor targeted thousands of Google IP addresses at the same time and used several attack methods in a campaign that span across … Continue reading Nation-state actor hit Google with the largest DDoS attack

NPM nukes NodeJS malware opening Windows, Linux reverse shells

NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by NPM yesterday. The four packages are: plutov-slack-client – claims to be a … Continue reading NPM nukes NodeJS malware opening Windows, Linux reverse shells

Critical SonicWall vulnerability affects 800K firewalls, patch now

A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability and Exposure Research Team (VERT) … Continue reading Critical SonicWall vulnerability affects 800K firewalls, patch now


No comments to show.