Palindrome Technologies Approved as Cybersecurity Label Administrator for FCC’s IoT Program

Blog

By January 8, 2025

Post Content

Blog

The Shifting Landscape of Open Source Security

By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security.

Read More The Shifting Landscape of Open Source Security
Blog

Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability

FortiGuard Labs is aware that a Proof-of-Concept (POC) code for a newly patched Windows vulnerability (CVE-2022-21882) that is reported to have been exploited in the wild was released to a publicly available online repository. CVE-2022-21882 is a local privilege (LPE) escalation vulnerability which allows a local, authenticated attacker to gain elevated local system or administrator…

Read More Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability
Blog

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD

Read More Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
Blog

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers time automated campaigns to get maximum return. Multiple industry threat reports show that bot-driven fraud, credential stuffing and account takeover attempts intensify around peak shopping events, especially the weeks around Black Friday and Christmas. Why holiday peaks

Read More How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?
Blog

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS…

Read More Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Blog

Operation PowerOFF Takes Down 9 DDoS-for-Hire Domains

Four different countries, including the United States and Germany, were included in the latest international operation alongside Europol’s support.

Read More Operation PowerOFF Takes Down 9 DDoS-for-Hire Domains

Related