News
-
"Report: Wartime Hacktivism Is Spilling over into the Financial Services Industry"According to a new report by the Financial Services Information Sharing and Analysis Center (FS-ISAC), Russia's war with Ukraine caused a rise in politically motivated hacktivism that continues to this day, significantly impacting the cyber threat…
-
"High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian"Security researchers at Cisco's Talos threat intelligence and research unit recently disclosed the details of two high-severity vulnerabilities discovered last year in WellinTech's KingHistorian industrial data historian software. China-based…
-
"Securing Edge-Enabled Cyber-Physical Systems"Through edge computing, computation and data storage are brought closer together, reducing the amount of data sent to and from the cloud. Although edge computing reduces some security risks by keeping data near its source, it also adds new security…
-
"The Move to Memory-Safe Programming"In November 2022, the National Security Agency (NSA) suggested using memory-safe programming languages to protect against software-memory safety problems. The "Future of Memory Safety" report published earlier this year by Consumer Reports advocated…
-
"Just 1% of Dot-Org Domains Are Fully DMARC Protected"According to security researchers at EasyDMARC, only 1.2% of nearly 10 million .org domains in circulation have fully implemented DMARC to mitigate the risk of phishing. The researchers reviewed over 9.9 million verified .org email domains and…
-
"Zoom Paid Out $3.9 Million in Bug Bounties in 2022"Video communications giant Zoom recently announced that in 2022 it paid out $3.9 million to security researchers who reported vulnerabilities as part of its bug bounty program. Zoom launched a private bug bounty program on HackerOne in 2019 and has…
-
"Ransomware 'Likely' to Target Transportation OT Systems, Warns EU Cyber Agency"According to a new report from the European Union Agency for Cybersecurity (ENISA), ransomware attacks are the most pressing cyber threat faced by the transportation sector. This is the first time the agency has analyzed threats to the aviation,…
-
"ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques"The North Korean Advanced Persistent Threat (APT) group called ScarCruft downloads additional malware using weaponized Microsoft Compiled HTML Help (CHM) files. According to different reports from AhnLab Security Emergency Response Center (ASEC), SEKOIA.…
-
"Hackers Use New PowerMagic and CommonMagic Malware to Steal Data"Researchers have discovered attacks by a sophisticated threat actor involving a previously unknown malicious framework called CommonMagic and a new backdoor called PowerMagic. Since at least September 2021, both pieces of malware have been used in…
-
"Custom 'Naplistener' Malware a Nightmare for Network-Based Detection"A group tracked by Elastic Security Labs as REF2924 is using new data-stealing malware, a C#-written HTTP listener named Naplistener, in attacks against victims in southern and southeast Asia. According to Elastic's senior security research engineer…
-
"Voice Deepfakes Are Calling – Here's What They Are and How to Avoid Getting Scammed"Security researchers have observed that advances in deep learning algorithms, audio editing, and synthetic voice generation are making it increasingly feasible to replicate a person's voice convincingly. In addition, Artificial Intelligence (AI)-driven…
-
"Only 15 Percent of Companies Are Ready for Cyber Threats"According to Cisco's first-ever Cybersecurity Readiness Index, only 15 percent of companies worldwide are at the 'Mature' level of readiness required to be resilient against today's advanced cybersecurity threats. Over half (55 percent) of companies fall…