The National Science Foundation (NSF) has awarded a $1.2 million grant to a team of researchers from Purdue University and Michigan State University to continue enhancing the security of cellular 911 calls. In the US, the Federal Communications…

In recent years, ransomware attacks have evolved into a persistent security risk. The inability to effectively respond to this challenge has normalized what should be intolerable: organized cybercriminals harbored by hostile states disrupting and…

The Cybersecurity and Infrastructure Security Agency (CISA) has released the first series of final security guidance resources under its Secure Cloud Business Applications (SCuBA) project: the Extensible Visibility Reference Framework (eVRF) Guidebook…

Cybercriminals frequently target software development and delivery supply chains. These environments can be used to compromise cloud deployments throughout the automated software development and delivery lifecycle. The National Security Agency (NSA) and…

Bitcoin is the most well-known cryptocurrency in the world today, but there are numerous others, each implementing a different set of technical features. To exchange one cryptocurrency for another, so-called "bridges" are used, which are typically…

New research conducted by Group-IB reveals that threat actors are increasingly compromising ChatGPT accounts. They may use this access to collect sensitive data and launch additional targeted attacks. According to Group-IB, ChatGPT credentials have…

Wagner ransomware infects user devices and invites them to join the Wagner Group, which is a Russian Private Military Corporation (PMC). Cyble researchers say that the recently detected ransomware likely targets Russians. Instead of demanding payment,…

 Security researchers at FortiGuard Labs discovered a new infostealer called ThirdEye that is potentially targeting Windows users.  The researchers stated that ThirdEye is designed to extract valuable system information from compromised…

Researchers at SonarSource discovered two SQL injection vulnerabilities in Gentoo Soko, tracked collectively as CVE-2023-28424 with a CVSS score of 9.1, which a remote attacker can exploit to execute arbitrary code on vulnerable systems. Soko is deployed…

According to security researchers at Zimperium, the volume of mobile malware, phishing sites dedicated to mobiles, and mobile vulnerabilities increased significantly in 2022.  The researchers found that the percentage of phishing sites targeting…

Europol recently announced that dismantling an encrypted chat platform used by organized crime gangs (OCGs) has led to 6558 arrests in the past three years, including 197 "high-value targets." Europol noted that EncroChat was used by tens of thousands of…

Observing a computer program's behavior, such as how much time it spends accessing the computer's memory, enables a skilled hacker to obtain sensitive data, such as a password. Approaches to security that completely block these side-channel attacks are…