Welcome to the latest edition of The Week in Security, which brings you top stories from both the world and our team, across the full stack of security: software security, cybersecurity, and beyond.
Read More about The Week in Security: Pro-China cyber operation Dragonbridge targets U.S. elections
The shift to remote work punched holes in government networks. But it also fostered a transformation in public-private cooperation, one NSA official noted at LABScon.
Read More about The pandemic turned out to be a boon for public-private cybersecurity cooperation
The famous hacking group Lapsus$ appears to be back in action. Also: Russian cyber spies are targeting Ukraine by posing as internet providers.
Read More about The Week in Security: Is Lapsus$ back in action?
A new U.S. federal government memo mandates the federal use of secure third-party software products and services. Also, Twitter whistleblower Mudge Zatko reveals new details of the company’s security practices (or lack thereof) with Congress.
Read More about The Week in Cybersecurity: U.S. mandates federal agencies use secure third-party software tools
A China-linked cyber espionage campaign targets critical entities in Australia and the South China Sea, password manager LastPass gets hacked (again), and more
Read More about The Week in Cybersecurity: Cyber espionage operation fueled for months by targeted phishing attacks
Cybercriminals are continuing to target medical facilities, Twitter’s alleged lack of cybersecurity measures, and more.
Read More about The Week in Cybersecurity: French hospital hit with ransomware attack
Evidence has surfaced of cybercrime’s fast-paced growth in 2022, a new Google Chrome zero-day vulnerability is being exploited, and more.
Read More about The Week in Cybersecurity: Cybercrime growth outpaces the security industry
MFA’s shortcomings paved the way for Cisco’s data breach
Read More about The Week in Cybersecurity: MFA shortcomings paved the way for Cisco breach
A new Chinese offensive framework may be abused by threat actors, hackers steal $190 million from Nomad Token Bridge, and more.
Read More about The Week in Cybersecurity: Meet Manjusaka, 'the Chinese sibling of Sliver and Cobalt Strike'
More than 30 years after the AIDS computer virus spread via infected floppy disks, ransomware has taken the world by storm. But echoes of that first attack can still be heard today.
Read More about Three decades later, ransomware's first act still resonates
Austrian group KNOTWEED spreads malware via Microsoft products, new malware-infested apps pop up in the Google Play store, and mo
Read More about The Week in Cybersecurity: Austrian hackers-for-hire KNOTWEED serve up Subzero malware
ReversingLabs data shows that attachments that use decades-old scripting languages like XLM and VBA are often malicious. Still, Microsoft’s move to harden Excel and other Office apps may not move the security needle.
Read More about Microsoft disables Excel, Office macros by default. Will it matter?
Read More about Here’s what happened with Log4Shell while you were out
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused