The Cybersecurity and Infrastructure Security Agency (CISA) published an alert about the recent resurgence of the credential-stealing malware Emotet. Since its return, there has an increase in Emotet attacks against U.S. state and local governments.…

QNAP has fixed two critical vulnerabilities that could allow attackers to take over its network-attached storage (NAS) devices. The vulnerabilities were contained by Helpdesk, an app built into QNAP's NAS devices that admins could use to send requests…

Chicago-based Asian food delivery service Chowbus has suffered a data breach with more than 800,000 customer records and 444,000 unique email addresses exposed.  Customers reported receiving emails labeled "Chowbus data" that contained links where…

New research from CyberArk found that most security tools used by organizations to combat malware attacks contain vulnerabilities that could be exploited by attackers to escalate privileges on a compromised system. CyberArk tested products from Symantec…

Researchers have discovered a security flaw that affects Comcast's XR11, a popular voice-activated remote control for cable TV, which has more than 18 million units deployed across the U.S. The adversary could use the vulnerability to take the controller…

A team of Penn State researchers and graduate students proposed a privacy-preserving data mining framework focussed on protecting the privacy of manufacturing enterprises' sensitive data. According to researchers, cyberattacks against manufacturing…

The United Nation's International Maritime Organization (IMO) has revealed that its IT systems were recently hit with a sophisticated cyberattack. The IMO provides guidance regarding shipping, passenger ships, maritime environmental protection, and…

Visa researchers have reported their findings on independent attacks against two North American merchants involving point-of-sale (POS) malware variants. One attack deployed a TinyPOS variant, while another attack used a mix of malware such as MMon (also…

An independent researcher has discovered that Apple devices with a macOS operating system and a T2 security chip are open to an exploit that could give bad actors root access. The flaw stems from the T2 chip and has not been fixed yet by Apple.  …

Hackers are continuing to take advantage of the panic surrounding the COVID-19 public health crisis to increase the frequency and complexity of phishing attacks against enterprise organizations. The healthcare sector remains one of the most targeted by…

Researchers have discovered a new phishing email that warns U.S. targets that their voter registration data needs extra details.  The email supposedly comes from the U.S. Election Assitance Commission.  The email contains a URL and asks the…

Researchers at Palo Alto Network's Unit 42 have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. TeamTNT is known for its targeting of Amazon Web Services (AWS) credentials to break into the cloud and use it to mine for…