Peering Into the VOID for Better Data
The Verica Open Incident Database (VOID) provides a collection of reports on software outages, security incidents, and near misses to enable analysis of common causes and resolutions.
SEARCH
Security Challenges, Ransomware Attacks Plague School Districts
A slew of ransomware attacks is causing government officials to consider the resources needed to secure school district networks.
Trickbot Expands Malware Distribution Channels
Researchers observed known threat groups infecting victims with TrickBot for the first time in June, suggesting that the...
Collaboration Seen as Key to Defending Critical Infrastructure
Top officials from NSA and CISA say collaborative defense is the key to countering threats to the critical infrastructure.
APT35 Goes on Phishing Offensive With New Tricks
APT35 attackers are using a new technique in their phishing attacks, which leverages a function from Telegram.
Attackers Tied to Iran Targeting Office 365 in Password Spraying Campaign
A new group with ties to the Iranian government is conducting a password-spraying campaign against Office 365 accounts.
Microsoft Fixes Actively Exploited Windows Zero-Day
Microsoft issued a fix for a use-after-free Windows vulnerability that was being leveraged in attacks, as part of its October...
Lawyers, Bugs, and Money: When Bug Bounties Went Boom
Bug bounties have grown from a niche idea to encourage independent security research into a massive business and a legitimate...
Uprising in the Valley: When Bug Bounties Went Boom, Part Two
Following the success of the bounty programs started by companies such as iDefense, Zero Day Initiative, and Mozilla,...
Dennis Has Some Questions About…2FA
Two-factor authentication is a vital part of many corporate security strategies, and is now offered by lots of consumer apps,...
Device Security is ‘The Big Hairy Monster Under the Bed’
The security of IoT and non-general purpose computing devices represents a systemic risk to corporate and national security,...
Critical Bug in Kalay IoT Protocol Threatens Millions of Devices
A critical flaw in the ThroughTek Kalay Io platform could allow an attacker complete access to IP cameras, DVRs, and other...
Multiple Flaws in Realtek SDK Affect Wide Range of IoT Devices
Several vulnerabilities in the Realtek SDK expose millions of IoT devices to remote code execution.