Blog & News

A threat actor linked to the RansomHub ransomware has been observed using a new tool EDRKillShifter that can terminate EDR software on compromised systems. More info https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/

A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability.…

The US National Institute of Standards and Technology (NIST) has published three post-quantum cryptography (PQC) algorithms: ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (Sphincs+). A fourth algorithm, FN-DSA (FALCON), is expected…

Speaking at the BlackHat USA conference earlier this week, security researcher Patrick Wardle said that computer crash reports offer “a myriad of information that will allow us to extract malware,…

CrowdStrike has published a technical root cause analysis of the July 19 incident that disrupted travel and commerce worldwide due to an out-of-bounds read issue “beyond the end of the…

Authorities have seized over $41 million that was stolen from a commodities firm in Singapore in a business email compromise (BEC) attack. The thieves, impersonating a supplier, requested that a…

Researchers from Graz University of Technology in Austria have published a paper that describes “a novel kernel exploitation technique elevating a limited heap vulnerability to an arbitrary memory read-and-write primitive.”…

AWS says it is using a neural network called Mithra, “a massive internal neural network graph model … that uses algorithms for threat intelligence” to identify malicious domains. Mithra has…