The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has published a guide on the type of cyber incidents that critical infrastructure entities should be sharing with the government and how they should be sharing…

NATO's large, annual cyber wargames, known as the Locked Shields exercise, will bring together technical experts from alliance countries and Ukraine on Tuesday.  The North Atlantic Treaty Organization's Cooperative Cyber Defense Centre of Excellence…

A team of researchers at Texas A&M University has designed new easy-to-use methods to counter vulnerabilities contained by push notification-based two-factor authentication (2FA) systems. Many online services have implemented push notification-based…

Researchers at Symantec have detected signs of North Korea's Lazarus Advanced Persistent Threat (APT) group targeting the chemical sector. The Lazarus group's latest attacks against the chemical sector and IT companies in South Korea indicate the…

The likelihood of accidental or deliberate misuse of biological research increases as biotechnology increases. At the same time, public sharing of research data and protocols, and other open science practices, have become more widespread. James Smith and…

The MetroHealth System in Cleaveland, Ohio, recently discovered that it had been the victim of a data breach involving 1700 of its patients.  In a recent statement, MetroHealth announced that on November 13, while the health system’s electronic…

The developer of a popular WordPress plugin has updated its product to fix a critical vulnerability that could be exploited to change the appearance of websites.  Elementor is marketed as a leading website building platform for WordPress, enabling…

A cybercriminal group called OldGremlin has returned after a hiatus of more than one year. The group is known to be highly skilled in running carefully planned and scattered campaigns. OldGremlin is different from other ransomware operations because of…

Researchers at Check Point have identified a vulnerability in the Rarible Non-Fungible Token (NFT) marketplace, which could have resulted in nearly two million active users losing their NFTs in one transaction. An NFT is defined as a unit of data stored…

An advisory, recently published jointly by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, NSA, and the Department of Energy, warns that threat actors have developed a custom toolkit that enables them to scan for, compromise, and…

The Department of Justice (DOJ) seized the popular online cybercriminal marketplace RaidForums.  The takedown is the latest massive sweep by the U.S. government and international law enforcement partners of online marketplaces where hackers buy and…

A high-severity Remote Code Execution (RCE) vulnerability previously discovered in the Spring framework has been exploited by hackers since April to deploy the Mirai botnet malware on vulnerable devices in a likely attempt to execute Distributed Denial-…