Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344
The story of a signed UEFI application allowing a UEFI Secure Boot bypass
Month: January 2025
Hackers Use Image-Based Malware and GenAI to Evade Email Security
HP Wolf highlighted novel techniques used by attackers to bypass email protections, including embedding malicious code inside images and utilizing GenAI
EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity
A new EU action plan will be structured around four pillars: prevention, threat detection and identification, response to cyber-attacks and deterrence
NIS2 Compliance Checklist
The NIS2 Compliance Directive is a pivotal regulation aimed at enhancing cybersecurity within critical sectors across the European Union. With its stringent requirements for managing cyber risks, securing supply chains, and reporting incidents, it’s es…
Dual Use Deception: How Technology Shapes Cooperation in International Relations
In this special episode of Horns of a Dilemma, Rick Landgraf talks with Jane Vaynman and Tristan Volpe, co-authors of “Dual Use Deception: How Technology Shapes Cooperation in International Relations,” published in the journal International Organizatio…
Introducing Lightspark’s Public Bug Bounty Program
Lightspark is excited to announce the launch of its public bug bounty program with HackerOne.
Emerging Security Threats Retail Business Owners Should be Aware Of
The retail industry faces evolving security threats that endanger profitability, safety, and customer trust. Recent data shows a 19% increase in shoplifting in 2024, while only 2% of shoplifters are caught. Retailers also experience losses from fraudulent returns and cargo theft. In 2022, Massachusetts retailers lost over $1.6 billion of revenue to theft. These challenges […]
CISA Launches Playbook to Boost AI Cybersecurity Collaboration
CISA launched the JCDC AI Cybersecurity Playbook to enhance collaboration on AI cybersecurity risks
Chinese PlugX Malware Deleted in Global Law Enforcement Operation
The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity firm Sekoia.io
Multi-Cloud Adoption Surges Amid Rising Security Concerns
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure