intelligence gathering

Between August and November 2021, four different Android Trojans spread through the official Google Play Store, resulting in the infection of more than 300,000 apps disguised as seemingly...

Panasonic recently discovered that it had suffered a data breach that allowed attackers to access its file servers and steal data, the company announced late last week. The technology company said its network was breached on November 11, 2021, with "some...

Recently, according to multiple Taiwanese media reports, the trading systems of many securities firms, including Yuanta Securities, Taiwan’s leading securities firm, are suspected to have been subject to “credential stuffing attacks” by hackers. A large number of customers’ securities accounts were automatically “placed” and batched Buy Hong Kong stocks. Among them, there are even investor accounts that passively buy...

Zero Trust is the latest buzzword being thrown around by security vendors, consultants and policymakers as a panacea to all cybersecurity problems, and some 42% global organizations say they already have plans to adopt Zero Trust. The Biden administration also outlined federal network and systems acquisition...

Israel's Defense Ministry has sharply restricted the number of countries to which its cybersecurity companies can sell offensive hacking and surveillance tools, with 65 countries removed from the export list. Details of the revised list were first reported by Israeli business newspaper Calcalist…

Research found that the attackers used a previously undocumented JavaScript malware that served as a loader to distribute a series of remote access Trojans (RATs) and information-stealing programs. HP Threat Research reports this new evasion...

On November 22, GoDaddy, a well-known online registration and hosting service provider, just disclosed a hacking incident to the U.S. Securities and Exchange Commission (SEC) and found that an "unauthorized third party" had gained access to its WordPress hosting environment...

A threat actor known for targeting targets in the Middle East has once again evolved its Android spyware and enhanced its capabilities to make it more stealthy and persistent, while concealing itself with seemingly innocuous app updates. Reports indicate that a new variant of the spyware has been…

Under new cybersecurity incident notification rules, U.S. banks will be required to notify federal regulators within 36 hours of discovering any cybersecurity incident. The rule takes effect on April 1, 2022, but enforcement will not begin until May 1…

Combining Cymru Team's threat intelligence and threat hunting capabilities with Amplicy's Internet asset discovery and vulnerability management will give enterprise defenders a complete view of their organization's cyber risks. The Cymru team received an undisclosed amount from…