As cars become increasingly equipped with computerized components, they become more vulnerable to cyberattacks and privacy leaks. Ethical hackers, also known as white hat hackers, have already demonstrated attacks on computerized car technology. The…

Researchers have found 11 living-off-the-land binaries and scripts (LOLBAS) that threat actors could exploit to conduct post-exploitation activities. Nir Chako, a security researcher at Pentera, describes LOLBAS as an attack technique involving using…

There has been a rise in the abuse of the legitimate Cloudflare Tunnels feature by hackers to establish stealthy HTTPS connections from compromised devices, circumvent firewalls, and maintain long-term persistence. In January 2023, Phylum reported that…

As Artificial Intelligence (AI) increases the sophistication and scope of phishing, vishing, and smishing attacks, understanding and managing human cyber risks have become increasingly important, according to a report by the SANS Institute. The report…

The Mallox ransomware group is intensifying its targeted attacks on organizations with vulnerable SQL servers. It has recently emerged with a new variant and various additional malware tools to achieve persistence and circumvent detection. In June 2021,…

Security experts continue to encourage using strong and complex passwords to protect online accounts and data from cybercriminals. "Complex" passwords typically require lowercase and uppercase letters, numbers, and special symbols. However, according to…

At least one smart device vulnerable to cyberattacks, such as smart TVs, robot vacuums, and more, is present in two out of every five homes worldwide. Such devices will soon come with a label that helps consumers determine whether the device is secure…

Baltimore-based Johns Hopkins University and Health System are notifying patients that some of their protected health information may have been compromised due to hackers targeting a software vulnerability in MOVEit Transfer.  According to a breach…

The Poland-based spyware called LetMeSpy is no longer operational. It has announced that it will cease operations after a data breach in June wiped out its servers, including a massive cache of data taken from thousands of victims' phones. In a statement…

Titan, Redline, and other infostealers target Internet users searching for pirated copies of games and software. However, according to a new report from Flare.io, they are increasingly making their way into corporate environments, possibly due to the…

A leading Spanish research institute has become the latest organization in the country to come under cyberattack from Russia after a weeks-long DDoS campaign that appears to be geopolitically motivated.  It has been claimed that the prolific…

In recent years, the US has seen a rise in cyberattacks aimed at the nation's schools. During the 2022-2023 academic year, at least eight US K-12 school districts were affected by cyberattacks, four of which required schools to cancel classes or close…