On October 25, the St. Petersburg Garrison Military Court sentenced Artem Zayets and Alexey Malozemov to four and a half and five years in a general-regime penal colony, respectively. Ruslan Khansvyarov received a five-and-a-half-year...
The thrilling Pwn2Own 2024 competition continues in Ireland, where participants showcase their prowess in uncovering vulnerabilities in popular devices. Day two revealed 51 zero-day vulnerabilities and awarded participants a cumulative prize of $358,625, bringing...
The Irish regulator has fined LinkedIn €310 million for violating user privacy. The platform conducted behavioral data analysis for targeted advertising without adequate transparency or consent. An investigation, launched following a complaint from the...
The North Korean Lazarus group exploited a zero-day vulnerability in the Google Chrome browser to steal cryptocurrency, disguising their actions through a malicious online game. This was revealed by Kaspersky Lab experts at the...
A critical vulnerability has been discovered in several models of Xerox printers, allowing attackers to remotely execute arbitrary commands with elevated privileges. At risk are the EC80xx, AltaLink, VersaLink, and WorkCentre models, if they...
Cybersecurity researchers have discovered a vulnerability in Amazon Web Services (AWS) Cloud Development Kit (CDK) that, under certain conditions, can lead to account takeover. According to a report from Aqua Security released recently, the...
The eight-year-old botnet “Prometei” continues to infect systems worldwide, spreading cryptojacking programs and web shells. First discovered in 2020, research data indicates that it has been active since 2016. Over this period, it has...
The Supreme Court of the United Kingdom has granted human rights advocate Yahya Assiri the right to file a lawsuit against the Saudi Arabian government for its alleged use of spyware to surveil him....
Fortinet has disclosed a new vulnerability in FortiManager, dubbed “FortiJump.” According to a Mandiant report, the vulnerability has been actively exploited in zero-day attacks since June 2024, leading to the compromise of more than...
The U.S. Securities and Exchange Commission (SEC) has unveiled its 2025 market participant examination plan. The regulator aims to tighten oversight of modern technologies and enhance investor protection against unscrupulous practices. The SEC’s Division...
The Department of Technology for the City of Columbus is still recovering from a large-scale cyberattack that occurred at the end of July. Three months later, a quarter of the city’s computer systems remain...
The Grandoreiro Trojan, active since 2016, continues to be utilized by cybercriminal affiliates despite the arrests of its key members in early 2024. According to data from Kaspersky Lab, the latest version of this...
