News
-
"HTTP/S DDoS Attacks Soar 487% in Three Years"Security researchers at Netscout discovered that the volume of application-layer distributed denial of service (DDoS) attacks targeting HTTP and HTTPS websites grew by triple digits between 2019 and 2022, thanks to groups like Killnet. The biggest…
-
"YouTube Attribution Links Exploited in New Phishing Campaign"Attackers have been avoiding detection by exploiting legitimate YouTube attribution links and a Cloudflare CAPTCHA. According to the cybersecurity company Vade, using YouTube attribution links is a novel method for circumventing email filters that scan…
-
"Microsoft, Fortra Get Legal Permission to Counter Cobalt Strike Abuse"Microsoft and two partner organizations have been granted legal permission to target cybercriminal infrastructure associated with the widespread abuse of Cobalt Strike, a legitimate testing tool that attackers have used against the healthcare industry.…
-
"Google Mandates Data Deletion Policy For Android Apps"Google has recently unveiled a new policy for Android apps that enable account creation. The rule mandates such apps to provide users with an option to delete both the accounts and the data associated with them. Bethel Otuteye, senior…
-
"Western Digital Hit By Network Security Breach"Data storage device manufacturer Western Digital has recently disclosed information about a network security incident detected on March 26. The company said the incident involved an unauthorized third party gaining access to several systems. …
-
"Nearly Half of Security Practitioners Told to 'Keep Data Breaches Under Wraps'"In the last year, nearly half of cybersecurity practitioners have been instructed by senior management to keep data breaches "under wraps." Bitdefender's survey of 400 Information Technology (IT) and security professionals revealed that 42 percent had…
-
"Telegram Now the Go-to Place for Selling Phishing Tools and Services"Telegram has become a hub for phishing bot and kit developers seeking to advertise their products to a larger audience or recruit helpers. Although the messaging platform has been used for cybercriminal activities for years, threat actors in the phishing…
-
"'BEC 3.0' Is Here With Tax-Season QuickBooks Cyberattacks"Cybercriminals are targeting victims with well-crafted phishing attacks from QuickBooks online accounts to steal credentials. According to researchers from Avanan, the scheme is at a level of legitimacy and social engineering that suggests new Business…
-
"Rilide Browser Extension Steals MFA Codes"Cryptocurrency thieves are targeting users of Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave Browser, and Opera, with an extension that can steal credentials and multi-factor authentication (MFA) codes. The extension, dubbed…
-
"CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released eight advisories regarding critical vulnerabilities in Industrial Control Systems (ICS) products from Hitachi Energy, mySCADA Technologies,…
-
"Researchers Fight Cybercrime With New Digital Forensic Tools and Techniques"Irfan Ahmed, Ph.D., associate professor of computer science, equips the good guys fighting the never-ending cybersecurity conflict with digital forensic tools and the knowledge to use them. Ahmed is the director of the Security and Forensics Engineering…
-
"Security Made Simple With NCSA's CILogon"Almost everyone in the digital age has likely, at some point, needed to access cloud-stored documents and data but forgot their password and had to create a new identity. For researchers with allocations for high-performance computing and services across…