Due to the coronavirus, the number of telehealth primary care visits has increased exponentially.  In a new study, researchers reviewed the 148 most-used telehealth vendors.  The researchers found that telehealth providers have experienced a…

A security consultant discovered a misconfigured Elasticsearch cloud cluster that exposed a segment of Razer's infrastructure to the public internet, where anyone could access the information.  Razer is a company that sells gaming gear.  It is…

A report recently published by Coalition, one of the leading providers of cyber insurance and security, revealed that ransomware incidents made up 41% of cyber insurance claims filed in the first half of 2020. The high number of claims confirms…

Researchers at Purdue University have discovered a flaw they are calling "BLURtooth." The high-severity Bluetooth vulnerability exists in the pairing process for Bluetooth 4.0 through 5.0 implementations. The vulnerability could allow an unauthenticated…

Reports from Microsoft and Intezer reveal the weaponization of a legitimate cloud monitoring tool, called Weave Scope, to install cryptominers in cloud environments. TeamTNT is the hacking group discovered to be using the tool to perform this malicious…

Six critical vulnerabilities have been discovered by Claroty researchers in a third-party software component used by top Industrial Control System (ICS) software vendors such as Rockwell Automation and Siemens. These vulnerabilities were found in Wibu-…

According to a new study published in JAMA, almost all websites designed to provide information to people regarding COVID-19 symptoms, testing, and prevention contain code that transfers data to third parties, posing a threat to users' privacy.…

An Elasticsearch database belonging to Digital Point, the world's largest webmaster forum and marketplace for web services, was discovered to be left online without password protection. The unprotected database contained more than 62 million records…

Researchers have discovered a malicious app called TikTok Pro. Threat actors are urging users via SMS and Whatsapp messages to download the latest version of Tiktok from a specific web address.  The fake TikTok  Pro app contains malware that…

Ports are critical infrastructures and require improved security, as attacks resulting in disruptions could significantly impact the economy. Digitalized container terminal operations, in particular, face various potential security risks. The movement of…

Researchers at Columbia University have recently released Crylogger, an open source dynamic analysis tool that shows which Android apps contain cryptographic vulnerabilities.  The researchers used the tool to test 1780 popular Android apps from the…

Verizon recently released details about its efforts to secure the 5G network. According to Verizon, its network security engineers are developing an Artificial Intelligence (AI) and Machine Learning (ML) security framework to detect security anomalies…