Malicious cyber actors are making more than 100 attempts to exploit a critical security vulnerability contained by the Java logging library Apache Log4j every minute, according to security researchers at Check Point. The Log4j vulnerability, also now…

An active attack against more than 1.6 million WordPress sites is underway, with researchers spotting tens of millions of attempts to exploit four different plugins and several Epsilon Framework themes.  The researchers stated that the adversaries'…

New research conducted by Kaspersky has revealed that the lifespan of most phishing pages is as brief as that of an adult mayfly.  Between July 19 and August 2, 2021, researchers analyzed 5,307 examples of phishing pages. They found that within 13…

Real-world tests conducted by researchers at the University of Plymouth have shown that gait authentication could be a feasible way to protect smartphones and other mobile devices from cybercrime. The study involved asking smartphone users to go through…

US military network-security researchers have launched a new program to discover more about the tactics of malicious hackers.  The Signature Management Using Operational Knowledge and Environments (SMOKE) program was announced on Tuesday.  …

Researchers at Inmarsat have found that global businesses have become more risk aware as they deploy IoT projects, but over three-quarters (77%) admitted that these systems could be more secure.  The researchers polled 450 individuals responsible…

New Application Programming Interface (API) threat research from Salt Labs highlights GraphQL API authorization vulnerabilities contained by a B2B financial technology (FinTech) platform. Findings from the analysis of this FinTech provider's mobile…

The hacking group known as StrongPity is spreading malware-laced Notepad++ installers. The group, also known as APT-C-41 and Promethium, was previously observed distributing trojanized WinRAR installers between 2016 and 2018 through highly-targeted…

About 300,000 MikroTik routers are vulnerable to remote attacks that can secretly add the devices to a botnet to steal sensitive user data and engage in Distributed Denial-of-Service (DDoS) attacks. Researchers at the security firm Eclypsium estimated…

According to new research, the internet is becoming more secure overall, but slightly more than half of websites' digital keys are still generated via legacy encryption algorithms.  Security firm Venafi analyzed the world’s top one million sites…

Onfido has recently released its annual report titled "Identity Fraud Report." Document fraud specialists at Onfido process, millions of identity documents every year, helping clients detect fraud across 2,500 document types issued by 195 countries…

Researchers at the threat intelligence firm Analyst1 analyzed several major cybercrime forums and found that at least two of them have an informal type of court system. These courts allow cybercriminals to file grievances and settle disputes with their…