A team of computer scientists and international studies students at Johns Hopkins University developed a new online database called the Cyber Attack Predictive Index (CAPI) that can predict the likelihood of a cyberattack between nations. The site…

Researchers have discovered nearly a terabyte of data that was stolen during a ransomware attack from a  Miami-based tech firm called Intcomex on a Russian-language hacker forum.  The databases stolen by the adversaries were uploaded to the…

Deepfakes refer to synthetic media, including images and videos, created using Artificial Intelligence (AI). Deepfakes remain a significant issue despite recent developments in security measures that can detect many of them. Bart Kosko, a professor in…

As part of Apple's bug bounty program, a team of researchers analyzed the company's online services and found a total of 55 vulnerabilities, 11 of which were flagged as critical. The team received a reward of $288,500 for their findings. According to the…

Researchers at Telos have discovered that organizations are struggling to keep up with IT security and privacy compliance regulations.  Researchers at Telos surveyed 300 IT security professionals in July and August.  The survey revealed that,…

Using the Fitbit application API, Kev Breen, the director of cyber research for Immersive Labs, built a malicious Fitbit application. This app contains spyware that can steal user information such as gender, age, heart rate, and weight, as well as…

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with Intelligent Automation, Inc. (IAI), developed a new technology called the Trusted Mobile System (TrustMS). This cybersecurity tool secures device…

Facebook is creating a loyalty program as part of its bug-bounty offering, hoping to incentivize researchers to find vulnerabilities in its platform.  Facebook bounty hunters will be placed into tiers by analyzing their score, signal, and the number…

The Cybersecurity Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that advanced persistent threat actors (APTs) are now leveraging Microsoft’s severe privilege-escalation flaw, dubbed “Zerologon,” to target…

The Agari Cyber Intelligence Division (ACID) published the results of a study on the operations of Business Email Compromise (BEC) attacks. These results give insight into the global footprint of BEC activity. Researchers looked at information on 9,000…

The Government Accountability Office (GAO) calls on federal regulators to increase efforts toward strengthening the security of airliners' computer systems against hackers. The agency pointed out that the Federal Aviation Administration (FAA) has not…

Vulnerability chaining is a tactic in which multiple bugs are used to compromise a network or application. According to a joint statement released by CISA and the FBI, hackers have recently applied this tactic by exploiting a combination of Windows and…