Researchers at the email and collaboration security firm Avanan have discovered a new method that attackers are using to trick victims into visiting malicious phishing websites via Google Docs. The attack begins with the threat actor sending an email,…

A bipartisan group of U.S. senators recently reintroduced the International Cybercrime Prevention Act, which is aimed at arming law enforcement with the tools needed to combat cybercrime and better protect Americans. The bill, first introduced in 2018,…

Security researchers at WebsitePlanet found the non-password-protected database, which had no form of authentication in place to prevent unauthorized entry, on March 21. The database contained information about CVS Health customers. The researchers…

According to researchers at Proofpoint, attackers are using fake DHL shipping emails to trick recipients into opening malicious Word and Excel documents that lead to an infection of 'RustyBuer,' a new variant of the Buer Loader malware family written in…

Colorado has unanimously passed a new data privacy act to safeguard Coloradoans' personal information.  The Colorado Privacy Act is due to take effect on July 1, 2023, and now awaits the signature of state governor Jared Polis.  Should the Act…

The NotPetya malware attack and the recent SolarWinds cyberespionage campaign both present real-world examples of software supply chain attacks in which a hacker slips malicious code into legitimate, widely used software. Supply chain security has become…

Security and privacy researchers at TU Wien, together with the IMDEA Software Institute and Purdue University, have developed a protocol aimed at improving the security and speed of transactions in cryptocurrencies such as Bitcoin. Cryptocurrencies are…

Carnival Corp., the world’s largest cruise ship operator, has sprung another leak. Carnival, in a data breach notification, stated that it appears that in mid-March, an unauthorized third party gained access to certain personal information relating to…

Findings from TransUnion's Public Sector Fraud Study suggest that despite the increase in the frequency and severity of fraud threats against government agencies during the COVID-19 pandemic, agencies still have not taken appropriate actions to address…

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Controls Systems (ICS) Medical Advisory on the discovery of multiple vulnerabilities in the ZOLL Defibrillator Dashboard. The…

Cybereason released research findings from a global ransomware study of nearly 1,300 security professionals that reveals that more than half of organizations have been victims of a ransomware attack. The research also reveals that 80 percent of…

Sophos researchers have discovered a new strain of malware that blocks infected users from visiting websites dedicated to software piracy. Some samples were found buried in archives disguised as software packages advertised through the Discord platform.…