The Shoprite Group, one of the largest supermarket chains in Southern Africa, has been infected with ransomware. The chain recently issued a statement announcing the cyberattack for which the RansomHouse ransomware group claimed responsibility. The…

A team of researchers from Purdue University, the University of California, Santa Barbara, and Swiss Federal Institute of Technology Lausanne (EPFL) received a $3.9 million grant from the Defense Advanced Research Projects Agency (DARPA) in support of…

A team of researchers from North Carolina State University and Dokuz Eylul University demonstrated the first side-channel attack on homomorphic encryption, which could be used to leak data while the encryption process is in progress. They were not able…

According to an investigation by Cybernews, free VPN software provider BeanVPN has reportedly left almost 20GB of connection logs accessible to the public.  Cybernews stated that the cache of 18.5GB connection logs allegedly contained more than 25…

According to new Microsoft research, two of the most prolific affiliate threat organizations, DEV-0237 and DEV-0504, which have been linked to various ransomware families, including Hive, Conti, and Ryuk, are now using the BlackCat Ransomware-as-a-…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory on protection against cyber threats…

SAP, a business software and solutions provider, recently released several new security notes on its June 2022 security patch day.  In particular, the document outlined ten new notes and two updated ones.  One vulnerability mentioned in SAP's…

Around March 2022, a new peer-to-peer botnet called Panchan emerged in the wild, mining cryptocurrencies on Linux computers in the education sector. Panchan is equipped with SSH worm functions such as dictionary attacks and SSH key abuse, allowing rapid…

On March 29, the FBI issued a warning about an ongoing and extensive phishing campaign aimed at US election officials. Since October 2021, attackers have attempted to obtain officials' login credentials in at least nine states by using fake invoice…

Security researchers at Digital Shadows Photon Research stated that passwordless technology might be one of the most hyped categories in cybersecurity at the moment, but the reality on the ground is that passwords are still widely entrenched and wildly…

A hacktivist group named DragonForce Malaysia has claimed responsibility for attacking and defacing at least 70 Indian government and private sector websites. According to the Times of India, the group claims the attacks are an act of retaliation for…

Splunk recently announced the release of out-of-band patches that address multiple vulnerabilities across Splunk Enterprise, including a critical issue that could lead to arbitrary code execution.  Splunk uses Splunk Enterprise deployment servers to…