Security researchers at Sophos have found that threat actors spent a median of 15 days inside victim networks last year, an increase of over a third from the previous year.  The researchers stated that the increase in dwell time is down mainly to…

Paul Staat and Johannes Tobisch, Ph.D. students at RUB, are developing methods for protecting hardware against manipulation. Technical systems must be safeguarded not only from remote cyberattacks, but also from hardware modification. They are working on…

Newly detected Android malware called SMSFactory is increasing phone bills by adding premium service subscriptions unbeknownst to victims. According to researchers at Avast, the malware has various distribution channels, including those associated with…

There is a new wave of phishing campaigns attempting to spread SVCReady malware. This malware is known for the unusual way in which it is delivered to target PCs as it uses shellcode hidden in the properties of Microsoft Office documents. SVCReady is…

Shields Health Care Group has recently informed roughly two million individuals of a cybersecurity incident that potentially impacted their personal data.  Shields Health Care Group is located in Massachusetts and provides management and imaging…

Guillaume Dupont, a Ph.D. student at the Eindhoven University of Technology (TU/e), investigated the 'safeness' risks in hospitals and modern automobiles, two critical cyber-physical domains. He developed three key requirements to provide efficient…

State-sponsored hackers have been added to the list of adversaries seeking to exploit Microsoft's now-patched Follina vulnerability. According to Proofpoint researchers, state-sponsored hackers attempted to exploit the Follina vulnerability in Microsoft…

Even though consumers won’t see it for years, researchers worldwide are already laying the foundation for the next generation of wireless communications, 6G.  Security researchers at the University of Texas at Austin have developed components that…

Would-be phishing victims have a significant edge in a phishing attack, with cybercriminals having to perform everything by hand. However, OpenAI's GPT showed that powerful Machine Learning (ML) text generation can also be designed to be simple for lay…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has announced a collaborative effort with the industry to increase the adoption of Multi-Factor Authentication (MFA) as well as ensure widespread understanding…

Researchers with Secureworks reported a new cybercrime campaign in which many unsecured Internet-facing Elasticsearch instances are being used to steal databases and display a ransom note requesting a ransom to be paid to get the database back. The…

The Cybersecurity and Infrastructure Security Agency (CISA) recently put out an advisory stating that vulnerabilities within some Dominion voting machines used in roughly a dozen states should be mitigated “as soon as possible.”  The technical flaws…