Researchers at Check Point and Security firm Otorio uncovered a phishing campaign that managed to bypass Microsoft Office 365 Advanced Threat Protection filtering to steal more than 1,000 corporate credentials.  In August 2020, the campaign began…

The cybersecurity firm Malwarebytes has revealed that it was also targeted by the same nation-state hackers who infected SolarWinds' Orion network management software, which impacted US government agencies and corporations, including Microsoft and…

A team of scientists has developed a quantum random number generator said to be fast and affordable. The device produces randomness at a rate of 8.05 gigabits per second, making it the fastest secure quantum random number generator ever. The study is a…

According to researchers at Trend Micro, hundreds of networks still contain VPNFilter malware, leaving infected devices open to being controlled by malicious actors. VPNFilter was identified in 2018 and is believed to be operated by the Russian state-…

Researchers at Check Point Research have discovered a novel malware variant is targeting Linux devices.  The malware is called FreakOut.  FreakOut has various capabilities, including port scanning, information gathering, and data packet and…

The cybersecurity form Emsisoft released a report on the state of ransomware in the US, which reveals that at least 2,354 US government, healthcare, and schools were impacted by ransomware attacks in 2020. Emsisoft data shows that 560 healthcare provide…

The European Medicines Agency (EMA) recently revealed that hackers leaked and manipulated documents about the BioNTech-Pfizer and Moderna COVID-19 vaccines. According to the EU agency, these documents were manipulated in a way that could damage public…

Researchers at password security firm Keeper Security commissioned the Ponemon Institue to poll over 370 UK IT security leaders who work at financial services firms as part of a larger global study and found that this past year 70% of financial services…

The FBI is warning that hackers are increasingly using voice phishing, also known as vishing, to target remote workers as a way to harvest VPN and other credentials to gain initial access to corporate networks.  After gaining access to the network,…

Security experts from the Internet of Things (IoT) security firm JSOF have released details about a set of seven vulnerabilities collectively called DNSpooq that impact Dnsmasq, a DNS transfer client used for many Linux-based systems such as routers and…

Researchers with NCC Group and Fox-IT have detailed a new threat group called Chimera. According to the researchers, this group targets Microsoft and Google cloud services to achieve goals aligned with the Chinese government's interests. Chimera tries to…

The National Highway Traffic Safety Administration (NHTSA) released a new draft of voluntary cybersecurity best practices with a focus on secure software use in vehicles. The updated draft incorporates comments gathered from a 2016 best practices…