News
-
"UK Parliament Bans TikTok from its Network and Devices"The UK parliament has recently followed the government's lead in banning TikTok from official devices and gone further by not allowing any users to access the social networking app from its network. The news follows similar decisions by the…
-
"ORNL Malware 'Vaccine' Generator Licensed for Evasive.ai Platform"The use of Artificial Intelligence (AI) and Machine Learning (ML) is transforming technology and product development, resulting in the creation of more intelligent, efficient, and tailored applications that use large amounts of data. However, the…
-
"Security Flaws Cost Fifth of Execs Business"Security researchers at Trend Micro have discovered that boards continue to under-appreciate the value of cybersecurity to the business, despite acknowledging its critical role in winning new business and talent. The researchers polled 2718…
-
"The End of Text-Based Passwords? TIM Provides a New Solution"In a new study, computer scientists from the University of Surrey present an image-based authentication system for mobile phones called Transparent Image Moving (TIM) that helps lower the risk of shoulder surfing attacks. Shoulder surfing is a security…
-
"IRS Phishing Emails Used to Distribute Emotet"Security researchers at Malwarebytes are warning US taxpayers not to fall for a new phishing campaign using the IRS as a lure to install notorious Trojan Emotet on their machines. Scammers have long used tax filing season as an opportunity to trick…
-
"Critical Infrastructure Gear Is Full of Flaws, but Hey, at Least It's Certified"According to security researchers, devices used in critical infrastructure are infested with vulnerabilities that can cause Denial-of-Service (DoS), enable configuration manipulation, and help attackers achieve Remote Code Execution (RCE). In addition,…
-
"Surge in Compromised Credentials Highlights Rampant Cyber Hygiene Failings"Security experts are warning over the significant growth in exposed account passwords after a repository of compromised credentials surpassed five billion records. This month, Authlogics, a UK-based provider of password security technologies for…
-
"New CISA Tool Detects Hacking Activity in Microsoft Cloud Services"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released a new open-source incident response tool to help detect malicious activity in Microsoft cloud environments. This Python-based utility, known as the…
-
"MITRE Rolls Out Supply Chain Security Prototype"MITRE has launched a prototype cloud-based platform for its new System of Trust (SoT) framework, which identifies and quantifies supply chain risks and cybersecurity concerns. Organizations can now use the Risk Model Manager (RMM) platform to assess…
-
"North Korean APT Group 'Kimsuky' Targeting Experts with New Spear-Phishing Campaign"German and South Korean government agencies have issued a warning about a new spear-phishing campaign launched by the Kimsuky North Korean Advanced Persistent Threat (APT) group against experts on the peninsula. The campaign gains access to victims'…
-
"Okta Passwords at Risk, New Research Shows"Okta is one of the leading providers of authentication services and Identity and Access Management (IAM) systems, with a net worth of $13.6 billion and over 17,000 customers worldwide. However, the cloud incident response company Mitiga has discovered a…
-
"Fake ChatGPT for Google Extension Hijacks Facebook Accounts"Guardio Labs researchers discovered that a new Chrome extension that promises to enhance users' Google searches with ChatGPT also leads to compromised Facebook accounts. While this method is not new, the extension worked as claimed. The Artificial…