News
-
"UEFI: 5 Recommendations for Securing and Restoring Trust"Despite declining overall computer sales in 2022, 286.2 million Windows-based PCs were sold. Each computer was released with firmware based on the Unified Extensible Firmware Interface (UEFI), an alternative to the Basic Input/Output System (BIOS) that…
-
"Commonwealth Cyber Initiative Funds New Round of CyberArts Projects"In the Commonwealth Cyber Initiative (CCI) 2023 CyberArts Program, researchers from across Virginia will explore cybersecurity issues through an artistic lens. These issues include Artificial Intelligence (AI), privacy, fraud, misinformation, and more.…
-
"Catching the Catfish: How University Students Won a National Cybersecurity Contest"A team of four undergraduate students from the University of Nevada, Reno, who competed in the 2023 Summer Social Engineering Event hosted by Temple University, found success by scamming an Internet scammer. The team named "WolfHack@UNR" won the three-…
-
"In-Office Work Is the Real Threat to Cybersecurity"New research indicates that remote employees take more security-related measures than their in-office counterparts. As organizations worry about the potential dangers of remote work, new research from the Farmer School of Business at Miami University…
-
"The Latest Victim of the MOVEit Data Breach is the Department of Health and Human Services"Federal health officials have recently notified Congress of a data breach that could involve the information of more than 100,000 people. A representative of the U.S. Department of Health and Human Services said Thursday that attackers gained…
-
"A New Wave of Insider Threats Will Be Driven by 'Shadow AI'"According to Imperva, poor data controls and the introduction of new generative Artificial Intelligence (AI) tools based on Large Language Models (LLMs) will cause an increase in insider data breaches in the coming year. As the effectiveness of chatbots…
-
"MITRE Publishes the Top 25 Most Dangerous Software Weaknesses"The US cybersecurity research organization MITRE has released its list of the top 25 most dangerous software vulnerabilities for 2023, with the top three remaining the same as last year's list. The 2023 Common Weakness Enumeration (CWE) list derives from…
-
"Employees Worry Less About Cybersecurity Best Practices in The Summer"According to security researchers at ThreatX, IT teams are struggling to monitor and enforce BYOD (Bring Your Own Device) policies during summer months when more employees are often traveling or working remotely. The researchers surveyed 2,000…
-
"Torrent of Image-Based Phishing Emails Are Harder to Detect and More Convincing"A torrent of image-based phishing emails has been released. They contain QR codes to bypass security protections and provide a level of customization that makes it easier to deceive recipients. In many cases, the emails are sent from a compromised email…
-
"miniOrange's WordPress Social Login and Register Plugin Was Affected by a Critical Auth Bypass Bug"Wordfence researchers have found a vulnerability in miniOrange's WordPress Social Login and Register plugin that allows an unauthenticated attacker to gain access to any account on a website by knowing the associated email address. Instead of requiring…
-
"Russian Satellite Telecom Dozor Allegedly Hit by Hackers"Hackers aligned with the Private Military Corporation (PMC) Wagner attacked Dozor-Teleport, a satellite communications provider used by Russia's Ministry of Defense and security services. Attackers targeted the infrastructure of the satellite…
-
"Medtronic Fixes Critical Flaw in Cardiac Device Data System"Medtronic's heart monitor data management system contains a vulnerability of critical severity that, if exploited, could lead to Remote Code Execution (RCE) or a Denial-of-Service (DoS) condition. The deserialization of untrusted data flaw, tracked as…