The industrial systems security firm Dragos has discovered potential pre-ransomware activity targeting the manufacturing sector. Dragos has warned of the recent infection of several automotive manufacturers by the Emotet backdoor malware. According to…

Security researchers at Trend Micro are warning that the Russian state operatives behind a sophisticated malware campaign are broadening their targets to include Asus and other router manufacturers.  The researchers stated that there are currently…

Endpoint detection and response (EDR) tools are a cornerstone of most cybersecurity defenses today.  But while the technology has an important role to play in investigating threats, security researchers believe that too many organizations have made…

Two Veeam software products have been discovered to contain two critical vulnerabilities and one high-severity vulnerability. The exploitation of these vulnerabilities could allow attackers to perform Remote Code Execution (RCE) and enable Local…

A security researcher was able to root a Pixel 6 Pro and Samsung S22, two models of Android phones, through the use of the newly discovered critical Dirty Pipe vulnerability in Linux. The researcher chose the two handset models because they are known to…

DirtyMoe malware has new worm-like propagation capabilities, allowing it to have a greater reach without requiring user interaction. According to Avast researcher Martin Chlumecký, DirtyMoe's worming module targets older well-known vulnerabilities such…

The Federal Bureau of Investigation (FBI) has announced the creation of a Virtual Assets Unit (VAU) to provide analysis, support, and training to America's law enforcement and intelligence communities.  The FBI stated that the unit is staffed by…

Meta, the parent company of Facebook, has been forced to remove a deepfake of the Ukrainian President in which he appeared to call on the military to lay down their arms.  Nathaniel Gleicher, head of security policy at Meta, stated that the deepfake…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint cybersecurity advisory, highlighting technical details, mitigations, and resources regarding…

Bulletproof released a cybersecurity report detailing findings from research gathered in 2021. The report highlights that default credentials remain one of the main entry points used by attackers. Research shows attackers are consistently leveraging and…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) recently hosted a three-day national cyber exercise called Cyber Storm VIII to test preparedness to a cyber-crisis that impacts critical infrastructure. Over 2,…

The protected health information (PHI) of hundreds of thousands of heart patients may have been exposed during a cyberattack on South Denver Cardiology Associates (SDCA).  On January 4, 2022, SDCA identified unusual activity within their computer…