Security experts urge Windows system administrators to patch a pre-auth Remote Code Execution (RCE) vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is highly likely.

Selections by dgoff

A new attack vector in GitHub Actions artifacts, called "ArtiPACKED," could be used to take over repositories and access organizations' cloud environments.

Researchers at FortiGuard Labs have uncovered a sophisticated "ValleyRAT" malware campaign targeting Windows users in China. The threat actors behind the campaign seek to take over compromised machines.

According to security researchers at Dragos, there was a significant increase in ransomware attacks on industrial organizations in the second quarter of 2024 compared to the previous quarter.

"RansomHub" ransomware operators are now using new malware named "EDRKillShifter" to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks.

EPFL researchers in computer and communication sciences discovered 31 critical security vulnerabilities in the Android system and developed ways to mitigate some of them.

According to security researchers at Chainalysis, ransomware actors are set for their highest-grossing year on record in 2024 after crypto inflows in the first half of the year reached $460m.

Prof. Dan (Linda) Lin of Vanderbilt University received the 2024 IEEE Big Data Security Senior Research Award.

A team of computer scientists from the University of California San Diego and Northeastern University found that high-end bicycles used for high-profile road races are vulnerable to cyberattacks targeting their wireless gear-shifting system.

Columbus Mayor Andrew Ginther recently announced that hackers recently stole data from Ohio’s largest city, but what they got was not usable and no personal information about city workers was made available online.

AutoCanada, a major Canadian car dealership, recently announced that it was affected by a cyberattack that may result in some disruptions.  The incident was discovered on August 11 and impacted some internal IT systems.