According to security researchers at TRM Labs, North Korea has stolen around $200 million in cryptocurrencies across 30 hacks so far in 2023, less than in 2022 but still a sum "10 times larger than attacks by other actors." The researchers noted that…

The National Credit Union Administration (NCUA) recently announced that it is updating its cyberattack reporting rules, requiring all federally insured credit unions to report incidents within 72 hours of discovery.  The new policy, NCUA announced,…

Researchers are trying to keep up with hackers and prevent data theft. Some standard tools include multi-factor authentication (MFA) systems, fingerprint technology, and retinal scans. Automatic speaker identification, which uses a person's voice as a…

The Cybernews research team has explored an issue that developers often overlook: HTTP security headers. They analyzed the top 100 most-visited websites, such as PayPal, Wikipedia, and AliExpress. HTTP security headers provide instructions on how the…

Adlumin security researchers are warning of the Play ransomware group targeting security Managed Service Providers (MSPs) to gain initial access and exploit up to five-year-old security appliance vulnerabilities. According to Kevin O'Connor, director of…

The U.S. Department of Health and Human Services recently announced that it is investigating Dallas’ ransomware attack from earlier this year.  The city reported the data breach to the agency earlier this month, saying personal information from 30,…

A new cybersecurity technology that relies on the unique digital fingerprint of a semiconductor chip could help defend the equipment of electrical utilities from malicious attacks in which software updates are exploited on devices controlling critical…

Even though cybersecurity strategies are moving toward a passwordless future, password security remains critical. Fifty-four percent of the 100 Black Hat USA 2023 attendees surveyed by Delinea deemed passwordless a viable concept, while 79 percent…

A new, financially motivated operation named LABRAT has been exploiting a now-patched critical vulnerability in GitLab to conduct cryptojacking and proxyjacking. According to Sysdig, the attacker used undetected signature-based tools, sophisticated cross…

Researchers have discovered an extensive campaign that distributed proxy server apps to at least 400,000 Windows systems. The devices function as residential exit nodes without the users' permission. A company is charging for the proxy traffic running…

According to Aqua Nautilus researchers, Microsoft's PowerShell Gallery poses a software supply chain risk due to its relatively weak protection against attackers uploading malicious packages to the online repository. Recent testing of the repository's…

A popular anonymous file sharing service used by security researchers and threat actors has recently closed down, citing "extreme volumes" of users abusing it.  AnonFiles was a going concern for two years, enabling anyone to share files without fear…