News
-
"Palo Alto Networks, Aruba Patch Severe Vulnerabilities"Palo Alto Networks and Aruba Networks have recently released patches for severe vulnerabilities affecting their products. An advisory published by Palo Alto Networks on October 12 informs customers about a high-severity authentication bypass…
-
"Android Security Warning: Telephone-Oriented Attack Delivery (TOAD)"People are being tricked by an Android banking malware attack into entering their phone number and other sensitive information into phishing websites, which cybercriminals then use to call victims and further deceive them into installing malware on…
-
"Here's 5 of the World's Riskiest Connected Devices"Forescout's research team examined 19 million connected devices deployed across five industries to identify the riskiest device groups, which are smart buildings, medical devices, networking equipment, IP cameras, VoIP, and video conferencing systems.…
-
"POLONIUM APT Targets Israel With a New Custom Backdoor Dubbed PapaCreep"Since at least September 2021, an Advanced Persistent Threat (APT) group known as POLONIUM has used custom backdoors in attacks against Israeli entities. The POLONIUM APT group targeted only Israeli targets and launched attacks on more than a dozen…
-
"WhatsApp Users Beware: Dangerous Mobile Trojan Being Distributed via Malicious Mod"Researchers discovered a threat actor distributing a data-stealing mobile Trojan through a spoofed version of YoWhatsApp, a relatively popular modified version of the WhatsApp messaging app. Users who install the app risk having their WhatsApp account…
-
"New Alchimist Attack Framework Targets Windows, macOS, Linux"Researchers discovered a new attack and command-and-control (C2) framework known as 'Alchimist,' which appears to be actively used in attacks against Windows, Linux, and macOS systems. The framework and its files are 64-bit executables written in GoLang…
-
"New Timing Attack Against npm Registry API Could Expose Private Packages"A novel timing attack against the npm's registry Application Programming Interface (API) can potentially be used to reveal private packages used by organizations, thus putting developers at risk of supply chain threats. Threat actors can detect…
-
"Are Virtual Private Networks Actually Private?"Jedidiah Crandall, an associate professor of computer science at Arizona State University (ASU), is conducting research on the effectiveness of Virtual Private Networks (VPNs). Crandall explains that VPNs conceal a user's Internet Protocol (IP) address…
-
"Malicious Emails Surged for Election Workers in 2 Battleground States Ahead of Primaries"According to research shared by the cybersecurity firm Trellix, county election workers in Arizona and Pennsylvania experienced a spike in malicious emails ahead of the states' primaries earlier this year. Trellix security researchers stated in a blog…
-
"Sector’s Increasing Interconnectedness Poses Healthcare Cybersecurity Risks"Security researchers at Vedere labs have found that healthcare, like any other industry, is increasingly relying on internet-connected devices to facilitate day-to-day operations and workflows. The interconnectedness of healthcare means that…
-
"Zoom-Themed Cyber Attacks Fuel Rapid Malware Growth"Cyberattacks that entice victims with themes based on the popular video conferencing service Zoom have boosted malware growth, with one named Vidar becoming increasingly popular in a short period of time. Vidar malware is ranked eighth in Check Point…
-
"RIT Provides Customized Cyber Risk Educational Series to S&P Global Ratings"Cybersecurity experts at Rochester Institute of Technology (RIT) recently collaborated with S&P Global Ratings credit analysts in an educational partnership to better frame the impact of cyber risk on an organization's creditworthiness. Credit…