A voice-based phishing (vishing) malware is targeting Android phones and stealing sensitive financial information from victims, as part of a trend generating millions of dollars in profits using vishing attack techniques. These attacks, unlike the common…

Apple recently rolled out an urgent software update to its iOS and iPadOS mobile operating systems and warned that zero-day exploitation has already been detected.  For the second time since adopting the “rapid security responses” process to address…

HCA Healthcare recently announced that the personal information of roughly 11 million patients was stolen in a data breach.  The incident was discovered on July 5 after a threat actor posted on an underground forum information allegedly stolen from…

A Moroccan man has recently been charged with four counts relating to a scheme to steal nearly half-a-million dollars’ worth of cryptocurrency and non-fungible tokens (NFT) from a US victim.  Soufiane Oulahyane, 25, allegedly operated a phishing…

Researchers at Resecurity have identified the emergence of mobile Android-based tools called "mobile anti-detects." Criminals involved in online banking theft use these tools to impersonate compromised account holders and circumvent anti-fraud controls.…

Threat actors are now targeting Amazon Web Services (AWS) Fargate as part of an ongoing attack campaign called SCARLETEEL. Alessandro Brucato, a security researcher at Sysdig, noted that cloud environments are still their primary target. However, tools…

Security operations teams observe firsthand how quickly attackers reinvent their attack strategies, automate attacks on multiple endpoints, and do whatever it takes to evade cyber defenses. Attackers have shown themselves to be persistent. For example,…

As security companies continue to release products and features that use advanced Artificial Intelligence (AI), researchers continue to warn of the security vulnerabilities and threats posed by this technology. The National Institute of Standards and…

The European Commission has adopted its adequacy decision for the EU-US Data Privacy Framework. The decision is that under the new framework, the US will provide adequate protection comparable to that of the European Union for personal data transferred…

VMware has warned customers that exploit code for a critical vulnerability in the VMware Aria Operations for Logs analysis tool, which helps administrators manage terabytes of application and infrastructure logs in large environments, is now available.…

Using mathematical principles to understand the behavior of code, a team of Virginia Tech researchers discovered that the source code in popular reverse engineering tools such as Ghidra may not be as secure as its creators intended. Through their…

According to a study conducted by the Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL), employees who experience a specific form of stress are more likely to fall victim to a phishing attack. While most, if not all,…