Business

What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!

A credential stuffing attack is one of the most effective ways to take control of accounts. Here’s how it works and what you should do to protect your company.

Cybersecurity measures of Tantiss base as depicted in the third season of “Star Wars: The Bad Batch”

Dropbox has shared a report on a data breach in the Dropbox Sign e-signature service. What does this mean for users, and what should they do?

Expanding Global Transparency Initiative by opening Istanbul Transparency Center and launching a Transparency Lab together with Boğaziçi University

By hijacking domains with CNAME records and exploiting forgotten SPF records, attackers seize domains and use them for their own purposes.

How to protect your company from mail bombs and other unwanted correspondence using personalized content filtering

We explain in simple terms research demonstrating a vulnerability in modern digital video cameras.

Proxyware can make it difficult to detect cyberattacks on organizations — sometimes making the latter unwitting accomplices in crimes.

Cybersecurity lessons from the movie “The Beekeeper”.

A backdoor implanted into XZ Utils has found its way into popular Linux distributions.

We review a recent research paper highlighting a major hardware vulnerability in Apple M1, M2, and M3 CPUs.

A recent study shows how it’s possible to identify typed text from the sound of keystrokes — even in far-from-ideal environments.

To go undetected, attackers can operate in your network without any malware at all. How to detect them and prevent damage?

Commercial spyware — what it is, how it infiltrates devices, what it can do once inside, and how to defend against it.

SIM swap fraud is back in vogue. We explain what it is, the danger it poses to organizations, and how to guard against such attacks.

Researchers claim to have found a way to recover a fingerprint by… eavesdropping on a user swiping a finger across the screen!

Cybercriminals prey on access to mailing tools by sending phishing emails through these same tools.

A look at the biggest ransomware attacks of 2023.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.