Apache Guacamole is a popular infrastructure for enabling remote working.  Researchers have recently discovered that it is vulnerable to many security bugs related to the Remote Desktop Protocol (RDP).  If an adversary gains control of the…

The COVID-19 pandemic has amplified the cybersecurity challenges faced by school districts across the United States. Before the coronavirus crisis, school districts had already been experiencing cybersecurity shortcomings because of the lack of dedicated…

Maze ransomware operators claim to have stolen files from the systems of the U.S. printing giant Xerox. The cybercriminals are threatening to leak the stolen information to the public if Xerox does not pay the demanded ransom. Other companies that have…

JSOF security researchers recently discovered a series of vulnerabilities, dubbed "Ripple20", that impact connected devices in the enterprise, industrial, and healthcare industries. The Ripple20 vulnerabilities were found in a low-level TCP/IP software…

Researchers have discovered a new "smishing" campaign carried out by the Roaming Mantis threat group.  The adversaries are targeting Android mobile devices and are spreading FakeSpy infostealer malware.  The malware is disguised as legitimate…

Philips, a leading health technology solutions company, recently reported vulnerabilities discovered in its ultrasound medical devices to the U.S. Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA). According…

IBM Security's fifth annual Cyber Resilient Organization Report based on a global survey conducted by the Ponemon Institute found that most organizations' response plans are still inadequate. More than 70 percent of organizations have revealed that their…

There have been massive advancements in perimeter and endpoint defenses, but email remains a  cybersecurity risk for many companies.  Almost 90 percent of email attacks manipulate sender identity to fool recipients and initiate social…

A new macOS ransomware dubbed EvilQuest was first spotted in late June by a malware researcher with K7 Lab.  The ransomware was impersonating the Google Software Update program.  The ransomware is usually delivered bundled up with pirated…

Researchers from the Tokyo University of Science (TUS) have developed a new single sign-on (SSO) algorithm that prevents the disclosure of a user's identity and personal information to third parties. SSO systems provide users the option to access…

iOS 14 beta version has been released.   iOS 14 can identify applications that silently and automatically read anything a user copies into their mobile device's clipboard.  The iOS 14 flagged TikTok, and 53 other apps for spying on iPhone…

Malwarebytes recently reported malicious code insertion inside the Exchangeable Image File Format (EXIF) data of a favicon by hackers. A favicon is a small image used by web browsers to show a graphical representation of a website. Hackers are hiding…