New research from Exabeam shows that it is difficult for most blue teams to stop red teams during adversary simulation exercises, further highlighting the need for organizations to prioritize continuous evaluation and adjustment of security investments…

New cyber-operational tools have been integrated into the U.S. Cyber Command's virtual cyber-training platform, called the Persistent Cyber Training Environment (PCTE). Cyber Command's warriors will use the new set of tools integrated into the platform…

The operational technology (OT) specialist Claroty released a new biannual threat report based on the assessment of 365 Industrial Control System (ICS) vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories released…

The world's largest cruise operator Carnival has disclosed that on August 15th, they suffered a ransomware attack and a possible security breach.  The adversaries accessed and encrypted a portion of one brand's information technology systems, and…

Researchers at Guardicore Labs have discovered a peer-to-peer (P2) botnet called FritzFrog, which has been actively breaching SSH servers since January.  SSH servers are pieces of software found in routers, IoT devices, and other machines.  SSH…

IBM X-Force Red security researchers found a security flaw in components manufactured by Thales, which are included in millions of Internet of Things (IoT) devices. Thales produces components for over 3 billion devices used by 30,000 companies in…

Researchers at IBM conducted an annual study that found that customer data was the most-commonly compromised type of record during a data breach. The average cost per lost or stolen record was $146 across all data breaches.  The researchers also…

Apple has released a new tool aimed at helping developers protect iOS apps against security threats. Apple's Attest API tool generates a cryptographic key on a user's device to ensure that an app is authentic. The tool also makes sure that a phone…

Researchers at the security firm Group-IB have discovered a Russian-speaking hacking group, dubbed RedCurl. According to the researchers, RedCurl has focussed on corporate espionage and launched 26 campaigns against 14 organizations since 2018. RedCurl…

Chinese hackers have infiltrated at least 10 Taiwan government agencies and gained access to about 6,000 email accounts in an attempt to steal data. According to a top Taiwan cyber official, the damage done is not small, and the full impact is still…

The Apache Software Foundation has released security advisories about vulnerabilities discovered in Apache Struts versions  2.0.0 through 2.5.20 that have the potential to help launch remote code-execution (RCE) and denial-of-service (DoS…

Cyber-physical systems security researchers at the University of California demonstrated the use of inexpensive equipment to attack a grid-tied solar inverter. The researchers built a remote spoofing device composed of an electromagnet, an Arduino…