3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are
The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the
The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven
Mozilla has added Enhanced Tracking Protection to Firefox to block tracking cookies in the browser by default.
Researchers have found modified versions of the Orcus and Revenge RATs being delivered through effective phishing campaigns.
Researchers from Google Project Zero uncovered a multiyear campaign that targeted iPhones with sophisticated exploit chains delivered through hacked websites.
Security firm Imperva says that API keys and SSL certificates for some of its Cloud WAF customers were exposed in a data breach.
The CVE-2019-11510 vulnerability in Pulse Secure VPN is drawing considerable attention from attackers now that an exploit is publicly available.