All posts

Researchers have devised a theoretical attack to steal private encryption keys through monitoring standard CPU and OS behavior.

Companies need to build a culture of security, but this is impossible when employees are afraid to discuss incidents or suggest improvements.

We’ve uncovered a new Trojan — Efimer — which steals cryptocurrency via the clipboard. Here’s how it functions, and how you can stay protected.

Using anomalies in the behavior of users, devices, applications, and other entities to detect cyberthreats.

Android smartphone owners who use messengers are at risk.

Attackers are sending phishing emails to developers of PyPi packages and Firefox add-ons.

Deepfake videos, fraudulent Instagram and Facebook accounts, private WhatsApp chats: how Mark Zuckerberg’s social media platforms have become a primary tool for investment scammers.

The more jobs you juggle, the higher your exposure to personal cybersecurity risks — especially if you’re a Zoomer.

We dive into which corporate systems support passkeys, where compatibility falls short, and why we probably won’t be saying goodbye to passwords anytime soon.

Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.

Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?

Attackers hijack Discord invite links and redirect victims to scam servers to install malware using the ClickFix technique.

Scammers are tricking people into giving up cryptocurrency through Google Forms surveys. Here is what they are doing and how to avoid falling victim to this scam.

A detailed guide to configuring security and privacy in Garmin Connect and the Connect IQ Store.

Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.

Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.

A curious case of spear-phishing email techniques employed on a mass scale.

Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.

Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.

We break down the Common Vulnerability Scoring System: what it’s for, how it’s used in practice, and why the Base Score is just the beginning — not the end — of vulnerability assessment.

How the research tool Defendnot disables Microsoft Defender by registering a fake antivirus, and why you shouldn’t always trust what your operating system says.