News
-
11th Annual Best Scientific Cybersecurity Paper Competition Now Live!The eleventh NSA Competition for Best Scientific Cybersecurity Paper i
-
"Russia-Linked Drug Marketplace Solaris Hacked by Its Rival"According to blockchain analysis experts at Elliptic, one of the major darknet drug marketplaces called Solaris has been hacked by its competitor. Users who attempted to access Solaris after January 13 were redirected to the newly-launched Russian-…
-
"Cisco Patches High-Severity SQL Injection Vulnerability in Unified CM"Cisco recently announced patches for a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME). Designed as enterprise call and session management…
-
"Over a Third of Recent ICS Bugs Still Have No Vendor Patch"Security researchers at SynSaber stated that industrial control system (ICS) operators are being let down by their vendors after new research revealed that 35% of CVEs published in the second half of 2022 still have no available patch. The…
-
"NSA Publishes Internet Protocol Version 6 (IPv6) Security Guidance"The National Security Agency (NSA) has published guidance aimed at helping the Department of Defense (DOD) and other system administrators in identifying and mitigating security issues related to the migration to Internet Protocol version 6 (IPv6). The "…
-
"Ransomware Payments Fall by 40% in 2022"According to researchers at Chainalysis, ransomware payments fell by over 40% in 2022 compared to 2021, with victim organizations increasingly reluctant to pay their extorters. The researchers found that ransomware attackers extorted $456.8m from…
-
"Cross-Site Forgery Bug Would Facilitate Remote Code Execution in Microsoft Azure Services"Researchers at Ermetic discovered and disclosed a Cross-Site Request Forgery (CSRF) flaw impacting multiple Microsoft Azure services. The flaw would allow an attacker to take control of and remotely execute code on the victim's application. The flaw…
-
"Cyber Insurance Can Offset the Risks of Potential Breaches"Findings from a survey conducted by the cybersecurity and data backup company Datto suggest that small to medium-sized businesses (SMBs) are aware of growing cyber threats and are increasingly dedicating resources and investing in areas such as…
-
"MailChimp Discloses New Breach After Employees Got Hacked"Hackers gained access to an internal customer support and account administration tool at the email marketing provider MailChimp, allowing threat actors to access the data of 133 customers. According to MailChimp, the attackers obtained employee…
-
"ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware"New research suggests that the motive of financial and political gain, partially fueled by the ongoing conflict in Ukraine, has prompted threat actors to target Industrial Control Systems (ICS) with more disruptive cyberattacks, thereby diversifying the…
-
"New Research Delves into the World of Malicious LNK Files and Hackers Behind Them"There has been an increase in cybercriminals' use of malicious LNK files as a point of entry to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts demonstrated that it is possible to identify…