News
-
"Bedding Giant Tempur Sealy Takes Systems Offline Following Cyberattack"Bedding products giant Tempur Sealy has recently shut down certain systems after falling victim to a cyberattack. Based in Lexington, Kentucky, Tempur Sealy manufactures and sells mattresses, pillows, and other bedding products under brands such as…
-
"Researchers Unveil New Cipher System that Protects Computers Against Spy Programs"With the development of a new, highly efficient cipher for cache randomization, a group of international researchers has made significant progress in computer security. The cipher, designed by Rei Ueno, an assistant professor from the Research Institute…
-
"Stremio Vulnerability Exposes Millions to Attack"Researchers at CyFox have discovered a Dynamic Link Library (DLL) planting/hijacking vulnerability in the popular media center application Stremio, which attackers could exploit to execute code on a victim's system, steal information, and more. DLLs are…
-
"Canon Warns of Wi-Fi Security Risks When Discarding Inkjet Printers"Canon is warning users of home, office, and large-format inkjet printers that the Wi-Fi connection settings stored in the devices' memories are not wiped during initialization, enabling access to the data for others. This vulnerability could pose a…
-
"China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe"A nation-state actor with ties to China is believed to have been behind a series of attacks against industrial organizations in Eastern Europe that occurred last year in an attempt to steal data from air-gapped systems. Researchers attributed the attacks…
-
"China's Volt Typhoon APT Burrows Deeper Into US Critical Infrastructure"The US military has been dealing with two significant cyber threats, one being the Chinese campaign called Volt Typhoon against military bases, and the other being an insider breach impacting Air Force and FBI communications. The Biden administration has…
-
"A Repository of Common Penetration Testing Weaknesses"Marisa Midler and Samantha Chaves, penetration testers with the Carnegie Mellon Software Engineering Institute's (SEI) Computer Emergency Response Team (CERT), have introduced a repository of penetration testing findings that is now publicly accessible…
-
"ASU Researcher Bridges Security and AI"The many advancements in Artificial Intelligence (AI) show that the technology is critical. In the realm of national security, experts are taking note of the impact of AI on the collective defense strategy. Paulo Shakarian, an associate professor of…
-
"No Evidence Ransomware Victims With Cyber Insurance Pay Up More Often, UK Report Says"According to new research on the role of the insurance industry in driving the criminal ecosystem, there is no "compelling evidence" that victims of ransomware attacks with cyber insurance are more likely to make extortion payments than those without…
-
"Google: 'Vulnerabilities Persist Too Long on Android'"Google has published its annual report regarding zero-day vulnerabilities. In the report, Google's Threat Analysis Group (TAG) notes that patches are often unavailable to Android users for too long. The research group discovered 41 zero-day…
-
"Administration Launches National Cyber Workforce and Education Strategy to Address Cyber Workforce Needs"The Biden-Harris Administration has unveiled the National Cyber Workforce and Education Strategy (NCWES) to address immediate and long-term cyber workforce needs. Filling the many cyber positions in the US is a national security imperative. The NCWES…
-
"Hackers Exploit BleedingPipe RCE to Target Minecraft Servers, Players"It has recently been discovered that hackers are actively exploiting a "BleedingPipe" remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices. BleedingPipe…