According to university researchers, nearly 70 Virtual Private Network (VPN) clients and servers are vulnerable to an attack that can cause them to leak user traffic. The multi-campus collaboration named their attack TunnelCrack and has released proof-of…

Many Artificial Intelligence (AI) systems fail to grasp human error and uncertainty, especially in systems where a human provides the Machine Learning (ML) model with feedback. These systems are often programmed with the assumption that humans are always…

As technology advances, the manufacturing industry increasingly adapts to digital instruction, from the production of fighter jets to cars. Mechanical parts can be designed on a computer and sent via the network to a manufacturing machine that follows…

Northern Ireland’s top police officer recently apologized for what he described as an “industrial scale” data breach in which the personal information of more than 10,000 officers and staff was released to the public.  The incident is particularly…

In June, Johns Hopkins University and Johns Hopkins Health System learned that their systems were among those affected by a broad-based cybersecurity attack that targeted a widely used software platform for transferring data files called MOVEit.  …

A team of computer security experts has devised a set of recommendations to defend against 'thermal attacks' that can steal personal information. Thermal attacks use heat-sensitive cameras to detect fingerprint traces left on surfaces such as smartphone…

Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to launch the commodity malware XWorm. The attack chain, discovered by Fortinet FortiGuard Labs on July 13, 2023, begins with a phishing email containing a malicious PDF file…

The US Department of Homeland Security (DHS) Cyber Safety Review Board (CSRB) released a report after analyzing the techniques, such as SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. In…

According to OPSWAT, malware, one of the most prevalent and pervasive initial threat vectors, continues to evolve and become more sophisticated. Using malware as a foothold, threat actors infiltrate targeted infrastructures and then move laterally to…

Credentials hardcoded in the Dell Compellent storage array service could allow attackers to take control of enterprise VMware environments in organizations using both services. According to Enlyft, Dell Compellent reached its end of life in 2019. However…

Eye-Shield is an innovative screen protection system developed by researchers at the University of Michigan that obscures images and text on a user's phone and other devices when seen from a distance. According to the researchers, previous methods have…

A team of security researchers tested the performance of Large Language Models (LLMs) in composing convincing phishing emails and detecting them. The results showed that Artificial Intelligence (AI) technology could generate highly effective phishing…