Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

Cyber criminals are becoming more advanced as they continue to find new ways to deliver attacks, and some are now willing to buy zero-day vulnerabilities, something more traditionally associated with…

Rust-proofing the internet with ISRG's Prossimo

You know the non-profit Internet Security Research Group (ISRG) for its Let’s Encrypt certificate authority, the most popular way of securing websites with TLS certificates. The group wants to do…

Microsoft November 2021 Patch Tuesday: 55 bugs squashed, two under active exploit

Microsoft has released 55 security fixes for software including patches that resolve zero-day vulnerabilities actively exploited in the wild. The Redmond giant’s latest round of patches, usually released on the second…

Cybersecurity firms provide threat intel for Clop ransomware group arrests

[embedded content] Further details have been revealed concerning a 30-month investigation designed to disrupt the operations of the Clop ransomware group.  In June, Ukrainian police arrested six suspects in 20…

Machine Learning in Cybersecurity 101

Machine learning is a term usually mentioned in contexts that actually refer to artificial intelligence or is used as a synonym. Let us have a closer look at what the…

Cybersecurity Trends & Predictions for CISOs

Trend Micro – Trend Micro – Staying one step ahead of the bad guys is the best way to stop cyberattacks. Trend Micro’s VP of Threat Research, Jon Clay, provides…

Why the Next-Generation of Application Security Is Needed

New software and code stand at the core of everything we do, but how well is all of this new code tested? Luckily, autonomous application security is here. By David…

What Is Extended Detection and Response (XDR)? Features, Benefits, and Beyond

Overloaded security teams, poor visibility, and threat alert overload have quite an impact when it comes to detecting and effectively responding to cyber threats. Since today’s cyberattacks are extremely tricky…

A Well-Known Bug Bounty Platform Wants Zero-day Exploits for Windows VPN Clients

Zerodium is a premium bug bounty platform created by cybersecurity specialists with zero-day exploit and vulnerability research experience. The goal of Zerodium is to gather together independent security researchers to…

iPhone 13 Pro, Windows, Chrome, Linux and others pwned at Tianfu Cup

Tianfu Cup is a version of the Pwn2own in which hackers from Kunlun Lab managed to secure first place by hacking iPhone 13 through a vulnerability in the Safari mobile…