Blog

The hallucination problem is not just pervasive, it is persistent as well, according to new research.

Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat intelligence.

A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation.

Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here’s how experts say you can get eyes on it all.

Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. “The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link,” Morphisec Labs researcher Nadav Lorber said in a report shared with The

A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it’s downright difficult to count them all.

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login…

DigitalOcean executives describe how they automated and streamlined many of the identity and access management functions which had been previously handled manually.

Attackers aren’t waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week’s events show a hard truth: it’s not enough to react after an attack. You have to assume…