The Centre for Cyber Security Belgium (CERT.be) has issued an advisory warning of an actively exploited zero-day vulnerability (CVE-2023-38606) affecting all Apple products. This vulnerability, which allows for the modification…

Introduction In a significant development in the cybersecurity landscape, the banking sector has recently been the target of two distinct open-source software (OSS) supply chain attacks. These attacks, detected by…

In the ever-evolving field of Cyber Threat Intelligence (CTI), understanding the motivations behind cyber-attacks is paramount for effective threat mitigation and response. While financial gain is often a primary driver,…

Introduction The Terrestrial Trunked Radio (TETRA), a communication system extensively utilized by government agencies, law enforcement, and emergency services organizations across Europe, the United Kingdom, and numerous other countries, has…

A recent operation against phishing SMS campaigns in the UK, shared via a tweet by Jake from JCyberSec_ (@JCyberSec_) and a LinkedIn post by the Dedicated Card and Payment Crime…

Ivanti, a leading provider of IT software solutions, has recently addressed a critical zero-day authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability,…

APT32, also known as OceanLotus Group, is a Vietnam-based threat group that has been active since at least 2014. This group is known for its sophisticated attacks on several private…

On July 24, 2023, the Norwegian government announced that its ICT platform, used by 12 of its ministries, had been compromised in a cyberattack. The attack was carried out by…

A recent oss-security list post from Tavis Ormandy has brought attention to a use-after-free vulnerability, CVE-2023-20593, in AMD Zen2 processors.

In the digital age, the fight against child abuse has taken on new dimensions. One of the most innovative approaches to this issue is the “Stop Child Abuse – Trace…