The experience gained at the largest unclassified Department of Defense (DOD) cyber defense exercise helps the Ohio Cyber Range Institute (OCRI) at the University of Cincinnati (UC) develop the country's civilian cybersecurity operation in Ohio. Last…

NoEscape appears to be the return of Avaddon, a Ransomware-as-a-Service (RaaS). Since June 2023, NoEscape has used double-extortion techniques against large companies. The cybercriminals behind it steal data from Windows, Linux, and VMware ESXi servers…

Henry Ford Health has recently confirmed that an email phishing scheme led to a data breach affecting 168,000 patients.  Patients were told Monday that someone conducting an email phishing scheme gained access to business email accounts on March 30…

Google patched a flaw in its Cloud Build service that allowed attackers to manipulate application images and infect users. Although a fix for the vulnerability was released in June, the researchers who discovered it have just published a detailed…

The administrators of Genesis Market on the dark web have announced the sale of their platform to a threat actor who will resume operations next month. In April, the FBI seized Genesis Market, a marketplace for stolen credentials, launched in 2017.…

A Nigerian national who had been living in the United Arab Emirates has recently been sentenced to more than eight years in a US prison for his role in an $8 million cybercrime scheme.  The man, 31-year-old Olalekan Jacob Ponle, aka Mark Kain, and…

For 2023, Forescout's list of the riskiest connected devices includes seven new entries that security teams should consider when securing their assets. The cybersecurity vendor's annual list, published on July 13, now includes Virtual Private Network (…

Metior is an analysis framework developed by MIT researchers to simplify hardware and software design frameworks in order to enhance defense capabilities against known and unknown side-channel attacks. Using Metior, engineers could quantitatively…

Identity and access management solutions provider JumpCloud has recently revealed that it was the target of a security breach caused by a sophisticated nation-state-sponsored threat actor.  The company noted that the breach first came to light on…

Security researchers at Wordfence have recorded over one million attempts to compromise a popular WordPress plugin over the past few days.  The researchers stated that the attacks began on July 14 and continued over the weekend, peaking at 1.3…

Cybernews researchers further explored how privacy-invasive Artificial Intelligence (AI)-powered applications like ChatGPT are. Large Language Models (LLM)s such as OpenAI's ChatGPT, Meta's LLaMA, and Google's PaLM2 are the most notable examples of…

US President Joe Biden's administration and major consumer technology companies have launched an initiative to establish a nationwide cybersecurity certification and labeling program to help consumers select smart devices less vulnerable to hacking.…