Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

December 11, 2024

December Patch Tuesday arrives bearing 71 gifts

Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins

Threat Research

November 20, 2024

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

Security OperationsThreat Research

November 13, 2024

November Patch Tuesday loads up everyone’s plate

Fourteen product families affected as 2024 passes an unfortunate milestone

Threat Research

November 08, 2024

VEEAM exploit seen used again with a new ransomware: “Frag”

Security OperationsThreat Research

November 06, 2024

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign

The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.

Security OperationsThreat Research

October 16, 2024

From QR to compromise: The growing “quishing” threat

Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices

Threat Research

October 09, 2024

October Patch Tuesday harvest hauls in 117 CVEs

Bumper crop of Windows vulns leads the way; 15 product groups represented

Threat Research

September 12, 2024

Standing on the Windows platform, waiting for change

In the wake of a gathering of industry leaders at Microsoft to discuss the endpoint-security ecosystem, some thoughts

Products & ServicesThreat Research

September 12, 2024

September Patch Tuesday addresses 79 CVEs

Seven critical-severity vulnerabilities addressed, including an extraordinary (but narrow) Windows Update flaw

Threat Research