According to Mandiant, the most common exploit paths that medium to large enterprises left open for attackers in Q1 2022 include exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takeover, exposed…

The BlackBerry Threat Research & Intelligence team, in collaboration with Intezer security researcher Joakim Kennedy, detailed a new form of Linux malware dubbed Symbiote, which is said to be almost impossible to detect because of its parasitic…

The UK government has recently reported that they have acquired its first quantum computer in a landmark moment which should help boost its research capabilities in cyber-defense and other critical areas of national security.  The Ministry of…

The University of Jyväskylä's "Seamless Authentication for Everyone" (SAFE) Project aims to develop a solution that addresses the security challenges associated with passwords. Password management is critical not only for individual users' security but…

The Hydra marketplace, the world's largest darknet marketplace selling illicit substances, hacking tools, falsified documents, and stolen data, was shut down in a coordinated effort. The criminal marketplace, which had about 17 million consumer accounts…

Researchers discovered a large-scale phishing campaign that exploited Facebook Messenger to trick millions of users into entering their account credentials and viewing adverts on phishing pages. The campaign operators used stolen accounts to send more…

According to the latest Cloud Security Report from Thales, 45 percent of businesses have faced a cloud-based data breach or failed audit in the past 12 months, a 5 percent increase from the previous year. The report also brings further attention to the…

The Cybersecurity and Infrastructure Security Agency (CISA) published a new advisory warning public and private sector organizations about China-based state-sponsored cyberattacks against US firms.  The document describes a series of common…

Google Published its Android Security Bulletin for June on Monday, and it contains details of over 40 security vulnerabilities affecting Android devices and related patches.  Google stated that the most severe of these issues was a critical security…

Deloitte & Touche researchers have discovered a potential attack vector that targets network slices, a critical component of 5G architecture. Next-generation 5G networks are expected to be the communications backbone for various mission-critical…

Security researchers at Cybereason surveyed 1,456 cybersecurity professionals during their new study.  Participants represented a global mix of cybersecurity professionals in the United States (24 percent), U.K. (17 percent), U.A.E., Japan,…

The Black Basta ransomware group is working with the QBot malware operation to spread laterally through compromised business systems. QBot, also known as QuakBot, is a Windows malware capable of stealing bank and domain passwords and distributing other…