Researchers at the Southwest Research Institute (SwRI) developed an Intrusion Detection System (IDS) for Industrial Control Systems (ICS) aimed at helping government and industry improve the detection of cyber threats to industrial networks in critical…

Security researchers at Specops Software analyzed a database of more than 800 million known-breached passwords and found that 83% of the passwords met basic security standards set by five different standards agencies.  The researchers stated that…

IBM announced on Tuesday that it has expanded a program to improve the cybersecurity defenses of public schools with $5 million in grants.  IBM stated that $5 million of in-kind grants would be awarded to public schools, including K-12 institutions…

Smart devices are intended to make our lives easier, but at the same time, they can serve as a conduit for passive eavesdropping. Researchers from the Max Planck Institute for Security and Privacy, the Horst Görtz Institute for IT Security at Ruhr-…

In cybersecurity, "whaling" refers to cybercriminals targeting high-level executives to steal the most privileged information and obtain access to the most sensitive data. According to Tonia Dudley, strategic adviser at Cofense, these whaling attempts…

Researchers at Sonatype, SANS Institute, and an independent researcher have discovered that a popular Python package was compromised recently and replaced with a malicious version designed to help the attacker obtain AWS credentials.  The…

According to a new report by the United States Senate Committee on Homeland Security & Governmental Affairs, the US government lacks comprehensive data on ransomware attacks, including how much is lost in payments.  The report presented the…

Verizon's 2022 Data Breach Investigations Report (DBIR) revealed a growth in cyberattacks across all sectors, including healthcare. Verizon discovered a 13 percent spike in ransomware year-over-year, representing an increase that is more significant than…

A December cyberattack on a Canadian healthcare organization compromised a wide range of data, including patient information dating back to 1996 and personnel vaccination records from last year. Some of the compromised data came from a non-profit…

A new cybercrime group that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what…

According to Microsoft, card-skimming malware is increasingly using malicious PHP software on web servers to modify payment sites and avoid browser safeguards activated by JavaScript code. Card skimming has been fueled in recent years by Magecart malware…

Cisco recently informed its customers that it is aware of in-the-wild exploitation attempts targeting a new vulnerability affecting its IOS XR software.  The flaw, tracked as ​​CVE-2022-20821, was discovered by Cisco during the resolution of a…