Cybercrime poses a threat to America's competitive advantage and the future of the economy. However, many still question the extent to which cybercrime impacts economic activity, claiming the compromise of and bias with cybercrime loss estimates. The…

GitHub Security Labs has discovered a form of malware that spreads via infected repositories on their systems.  The malware found is called Octopus Scanner.  Octopus Scanner targets Apache NetBeans, which is an integrated development…

Researchers at the Indian Institute of Technology Kanpur have discovered a new technique called "DABANGG," which improves the effectiveness of timing channel attacks. A timing channel attack refers to the analysis of how long it takes for a targeted…

Security researchers found that 8Belts, maker of language-learning apps, left a database containing sensitive information about hundreds of thousands of users exposed online. The unsecured 8Belts database, which has now been taken down, revealed national…

Microsoft is warning organizations about new Java-based ransomware, called "PonyFinal." The tech giant considers PonyFinal to be human-operated ransomware because it is not a variant distributed in an automated manner. According to Microsoft's Security…

Organizations are struggling to adjust to the new normal caused by the COVID-19 pandemic.  In a new survey by Bitglass, researchers discovered that 41 percent of the respondents said that their organizations had not taken any steps to expand secure…

Security researchers at ESET have discovered a new strain of Android malware, called "DEFENSOR ID." The malware performs malicious activities through the abuse of a device's Accessibility Services. These services enable the malware to execute 17 commands…

When we want to know how many calories are in a certain portion of food or drink, we look at nutrition labels. However, if we want to know about the security and privacy practices behind a new Internet of Things (IoT) device, this information is not…

Researchers at Tel Aviv University and the Interdisciplinary Center (IDC) of Herzliya say that vulnerabilities in the Domain Name System (DNS) could have been used to execute a much more massive attack than that of the infamous Mirai botnet. A study…

The NSA has warned in a security advisory published on Thursday that the Russian APT group Sandworm has been exploiting a critical Exim flaw (CVE-2019-10149) to compromise mail servers since August 2019.  When this flaw is successfully exploited,…

An analysis recently published by Risk Based Security reveals a decrease in the number of vulnerabilities reported in the first quarter of 2020 by 20%. Although the decline in reported vulnerabilities occurred in the same quarter as the surge of remote…

In a new survey by Macafee, researchers found that overall enterprise adoption of cloud services spiked by 50 percent between January and April, including manufacturing and financial services that typically rely on legacy on-premises applications and…