A malicious campaign is targeting Redis servers with a new variant of the SkidMap malware. SkidMap is a piece of cryptocurrency mining malware discovered by Trend Micro in September 2019 as it targeted Linux machines. The malicious code evaded detection…

Serco Inc, the Americas division of multinational outsourcing company Serco Group, has recently disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor's MoveIT managed file transfer (…

A new report by the European Policy Center, a think center for European Union affairs, calls on companies and governments to act quickly to develop a comprehensive strategy for quantum readiness. Given the current rate of quantum computing research, a…

The FBI urges potential Non-Fungible Token (NFT) buyers to look out for malicious websites that use "drainer smart contracts" to secretly steal from cryptocurrency wallets. The websites pose as outlets for legitimate NFT projects with new offerings. They…

The Colorado Department of Higher Education (CDHE) recently has been targeted in a ransomware attack that resulted in a data breach impacting many students and teachers.  The organization said it became aware of a cyberattack involving ransomware on…

According to technical evidence reviewed by Reuters and an analysis conducted by security researchers, an elite group of North Korean (DPRK) hackers infiltrated the computer networks of a Russian missile developer for at least five months in 2022.…

The Clop ransomware gang has modified its extortion tactics, now using torrents to distribute data stolen in MOVEit attacks. The group launched a wave of data theft attacks beginning on May 27, exploiting a zero-day vulnerability in the MOVEit Transfer…

Researchers at Horizon3.ai have published information about CVE-2023-39143, two vulnerabilities in PaperCut application servers that unauthenticated attackers could exploit to execute code remotely. It is not a "one-shot" Remote Code Execution (RCE) bug…

This year, regulatory bodies at all levels of government have issued stricter privacy and disclosure requirements and penalties, crafted with ambiguous language and vague guidelines, leaving cybersecurity teams buried in liability and without a clear…

A group of researchers has developed a "deep learning-based acoustic side-channel attack" that is 95 percent accurate in classifying laptop keystrokes recorded by a nearby phone. According to the researchers Joshua Harrison, Ehsan Toreini, and Maryam…

Mamtaj Akter, a graduate student in computer science at Vanderbilt University working in the lab of Pamela Wisniewski, Flowers Family Fellow in Engineering and associate professor of computer science, co-authored a study evaluating how technology can…

Rapid7 researchers warn that the secondary market sale of decommissioned medical infusion pumps may result in the exposure of Wi-Fi configuration settings. Most medical infusion pumps purchased from secondary market services such as eBay contained…