A new study conducted by researchers from Monash University proposes the most effective way to accurately predict vulnerabilities contained by software code and improve cybersecurity. Software vulnerabilities are common in all systems developed with…

MITRE has developed a prototype framework for Information and Communications Technology (ICT) that defines and quantifies supply chain risks and security concerns, including software. The prototype framework called System of Trust (SoT) is essentially a…

Researchers at Trustwave SpiderLabs have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot.  The phishers hope that this reluctant acceptance of chatbots will help…

According to new research by identity management vendor Hitachi ID, nearly half (46%) of IT and security leaders still store corporate passwords in office documents like spreadsheets, exposing their organization to significant cyber risk.  It is…

Quantum computing will significantly increase computing power. However, that capability poses a threat to cryptographic systems, potentially jeopardizing global data. To solve the problem, QuSecure is introducing an industry-first end-to-end post-quantum…

The Microsoft 365 Defender Research Team observed a new type of malware that collects and exfiltrates data directly from cryptocurrency wallets. The researchers dubbed the information-stealing malware "cryware." According to the researchers,…

According to researchers at Imperva, malicious bots accounted for almost 28% of global web traffic in 2021, a record high that exceeded the previous year’s figure of 26%.  The researchers stated that bots are software apps that run automated tasks…

According to new research conducted by Group-IB, the average ransom demand in 2021 was $247,000, 45% more than the previous year, with most threat actors trying to force payment via double extortion tactics.  During the study, the Group-IB compiled…

Microsoft has issued a warning about brute-force attacks on Internet-exposed and inadequately protected Microsoft SQL Server (MSSQL) database servers using weak passwords. Although this is not the first time MSSQL servers have been attacked, Redmond…

According to researchers, a GitHub proof-of-concept exploit of recently disclosed VMware bugs is being used by hackers in the wild. Hackers are exploiting the reported VMware bugs in order to deliver Mirai Denial-of-Service (DoS) malware and exploit the…

The National Institute of Standards and Technology (NIST) is working on updating its influential Cybersecurity Framework, which was first published in 2014 and updated in 2018. A NIST official stated on May 17 that the agency is relying on industry…

A new report from Cyber Security Works (CSW) says researchers observed ransomware groups exploiting vulnerabilities that were several years old. The discovery highlights a continuing trend in which threat actors target known vulnerabilities and trusted…