An MIT Lincoln Laboratory study explored the implementation of zero-trust security, a cybersecurity approach that requires users to prove their authenticity every time they access data or a network application. The goals of the study were to review the…

Dr. Yupeng Zhang, assistant professor in the Department of Computer Science and Engineering at Texas A&M University, has received the National Science Foundation's (NSF) Faculty Early Career Development (CAREER) Award for his research project focused…

The personal information of nearly two million Texans was exposed for almost three years due to a programming issue at the Texas Department of Insurance (TDI).  The department revealed that details of 1.8 million workers who have filed compensation…

The U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investigation, recently warned that organizations should be careful when employing IT freelancers because they may be hiring North Korean hackers. North Korean…

According to a recent Viasat report, a cyberattack rendered Viasat KA-SAT modems nonfunctional throughout Ukraine on February 24. As a result of the attack, remote monitoring and control of 5,800 Enercon wind turbines in Germany were disabled. A recently…

The Shadowserver Foundation, a nonprofit cybersecurity organization, has started scanning the internet for Kubernetes API servers and found roughly 380,000 that allow some form of access. Shadowserver is conducting daily scans of the IPv4 space on ports…

A study conducted by researchers at the University of Trento in Italy calls on organizations to prioritize existing vulnerabilities to mitigate the risk of compromise. Their research found that most Advanced Persistent Threat (APT) groups exploit known…

According to new research at RiskIQ, less than a fifth of digital skimming activity at the start of the year was linked to Magecart groups, as cheap tools lowered the barrier to entry for less sophisticated cybercriminals.  Researchers analyzed the…

The security agencies of five countries have outlined 10 of the most common ways threat actors compromise their victims, most of which can be mitigated by basic cyber-hygiene best practices. Cybersecurity authorities of the US, Canada, New Zealand, the…

Security researchers have found that tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin.  The…

The Federal Bureau of Investigation (FBI) has issued a warning pertaining to a malicious actor stealing credit card information from the checkout pages of US firms' websites. According to the FBI, unidentified cyber actors scraped credit card data from a…

Cyber actors commonly use misconfigured or unsecured security configurations, weak controls, and other bad cyber hygiene practices to gain initial access or compromise a victim's system. A joint Cybersecurity Advisory co-authored by the cybersecurity…