A new hacking group, dubbed FamousSparrow by ESET researchers, has targeted entities worldwide to spy on them. The group is believed to have been active since at least 2019, with links to attacks against governments, international organizations,…

Researchers at Guardara have discovered a flaw in a widely used internet-of-things (IoT) infrastructure code that left more than 100 million devices across 10,000 enterprises vulnerable to attacks.  Researchers at Guardara used their technology to…

New research shows that shipping companies, power plants, and investment banks are inadvertently leaking thousands of their employees' email passwords due to a design flaw in the Microsoft Autodiscover protocol. Autodiscover is a protocol used to…

Schools and colleges have been hit significantly hard by cyberattacks during the COVID-19 pandemic. In 2020, the average ransomware attack cost educational institutions $2.73 million, including costs of downtime, repairs, and lost opportunities. From…

Researchers have been piecing together information surrounding BlackMatter, the group behind the recent ransomware attack that targeted the Iowa-based farm services provider New Cooperative. The group claims to use the best tools and methods of…

During a new study, security researchers at Proofpoint found that more than four-fifths (85%) of the UK’s top 20 universities are putting their students, staff, and suppliers at risk of email fraud.  The researchers found that just 15% of the…

A study commissioned by Censinet and conducted by the Ponemon Institute surveyed 597 healthcare organizations, including regional health systems, community hospitals, and integrated delivery networks. One in four of the respondents reported an increase…

Security researchers at Comparitech found an unprotected Elasticsearch database on August 22, 2021. Inside the 200GB digital index were records dating back ten years containing the personal details of more than 106 million international travelers who…

Researchers at the industrial cybersecurity firm Claroty found 11 vulnerabilities in widely-used network management products from Nagios during a research project on the use of network management systems in Information Technology (IT), Operational…

Researchers at PermiterX discovered that nearly half of US website owners have so little insight into third-party code that they can’t say definitively if their site has suffered a cyber breach. The web app security vendor polled 501 organizations across…

A security researcher has discovered a vulnerability in Hikvision surveillance cameras that make them susceptible to remote hijacking without the attacker needing to have a username and password. The attack can be launched using the standard HTTP and…

The decentralized finance (DeFi) system pNetwork that allows communication between different blockchains recently announced that it had been hacked for 277 pBTC (its bridged version of bitcoin), with losses worth more than $12 million at current value.…