SANS Institute Launches AI Cybersecurity Hackathon

Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. “Hijack Loader released a new module that implements call stack spoofing to hide the origin of function calls (e.g., API and system calls),” Zscaler ThreatLabz researcher Muhammed Irfan…

On the 21st birthday of Gmail, Google has announced a major update that allows enterprise users to send end-to-end encrypted (E2EE) to any user in any email inbox in a few clicks. The feature is rolling out starting today in beta, allowing users to send E2EE emails to Gmail users within an organization, with plans…

Palo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its appliances. “Our teams are observing evidence of activity consistent with password-related attacks, such as brute-force login attempts, which does not indicate exploitation of a

Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products.

The $168 million judgment against NSO Group underscores how citizens put little store in the spyware industry’s justifications for circumventing security — but will it matter?

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against “specific targeted individuals,” which suggests spyware or nation-state threat activity.