risks

Scammers are exploiting GetShared to bypass email security.

A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.

We look at the most notable supply-chain attacks of 2024.

$3 billion worth of damage to healthcare insurance giant, schools closed, soccer club players’ data leaked, and other ransomware incidents in 2024.

What to do if you receive a text with a two-factor authentication code from a service you’ve never registered for.

A look at the biggest ransomware attacks of 2023.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.

Time to update Fortra GoAnywhere MFT: an exploit has been developed for a critical vulnerability that allows attackers to bypass authentication and create admin accounts.

Ethical hackers told 37C3 how they found a few eye-openers while breaking DRM to fix trains.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.

We explain what OSINT is, why it has to be front-of-mind at all times, and how to guard against hackers using it.

How social engineering helped hack the CIA chief, hijack Elon Musk and Joe Biden’s Twitter accounts, and steal half-a-billion dollars.

What security aspects should be top-of-mind when implementing important changes in corporate IT infrastructure?

Low-code apps lower IT costs, but boost information security risks. How to mitigate them?

Social engineering in the spotlight: from classic tricks to new trends.

A few tips on how to establish cybersecurity communications with employees.

Сloud technologies differ in terms of both costs and risks. What cloud type should you choose, and how should you begin your migration?

The pros and cons of different approaches to deploying and maintaining information security systems.