The UK’s leading cybersecurity agency NCSC has released new guidance for system owners and technical staff on managing shadow IT in their organization.  Shadow IT refers to the devices and services employees use for work without the IT department…

In the first quarter of 2023, the number of incidents involving infostealer malware more than doubled compared to last year, mainly targeting Windows, Linux, and macOS. According to a recent study by Uptycs, most of the perpetrators behind infostealer…

Now that the cross-sector Cybersecurity Performance Goals (CPGs) have been published, the US Cybersecurity and Infrastructure Security Agency (CISA) is collaborating with Sector Risk Management Agencies (SRMAs) to develop Sector-Specific Goals (SSGs) for…

A cyberattack on an NHS supplier has recently left two ambulance trusts serving millions of people without access to electronic patient records.  Swedish healthcare IT firm Ortivus said in a statement that an attack on July 18 left affected UK…

As part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners, misconfigured and inadequately secured Apache Tomcat servers are being targeted. Over 800 attacks were detected against Aqua's Tomcat server honeypots over…

Two recently introduced Linux vulnerabilities in the Ubuntu kernel make it possible for unprivileged local users to acquire elevated privileges on a large number of devices. Ubuntu is one of the most popular Linux distributions, particularly in the US,…

The Securities and Exchange Commission (SEC) has adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to annually disclose material information regarding their cybersecurity risk management, strategy, and…

Hackers are planting "malvertisements" for widely-used Information Technology (IT) tools on search engines in an attempt to lure IT professionals and conduct ransomware attacks in the future. The scheme involves pay-per-click advertisements on Google and…

Researchers at Cornell Tech and the Cornell Ann S. Bowers College of Computing and Information Science are part of the first cohort of participants from four institutions to receive funding from the Google Cyber New York City (NYC) Institutional Research…

Cellular networks are essential for various applications, including phone calls and Internet access. However, the growth of fake base stations in cellular networks, sometimes known as stingrays, cell-site simulators, or IMSI catchers, poses a major…

A University of Texas at Arlington (UTA) engineering researcher is developing defenses to prevent cyberattacks targeting networks of self-driving cars and Unmanned Aerial Vehicles (UAVs). Animesh Chakravarthy, associate professor in the Department of…

Reports of "hacktivism" are rising, with 2022 seeing a significant resurgence in the area, primarily fueled by the Russia-Ukraine conflict. According to Radware data, from February 18 to April 18 this year, hacktivists claimed over 1,800 Distributed…