A data breach faced by a third-party vendor resulted in the exposure of sensitive information on Southwest Airlines and American Airlines pilot applicants. After a third-party vendor was compromised, both US-based air carriers sent out breach…

The Internet Systems Consortium (ISC) has issued security updates to address three Denial-of-Service (DoS) flaws in the Domain Name System (DNS) software suite BIND. The vulnerabilities, tracked as CVE-2023-2828, CVE-2023-2829, and CVE-2023-2911, are…

The National Institute of Standards and Technology (NIST) is working on its first-ever framework for water infrastructure cybersecurity. NIST's National Cybersecurity Center of Excellence wants input from technology vendors, water sector members, and…

The New York City Department of Education (NYC DOE) recently discovered that hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server.  The managed file transfer (MFT) software…

A Liverpool man has recently been handed a five-year jail term after a sophisticated hacking campaign in which he and others hijacked celebrity Twitter accounts in a bid to scam followers.  Joseph O’Connor was extradited from Spain to the US on…

The US Secretary of Commerce, Gina Raimondo, recently announced that the National Institute of Standards and Technology (NIST) will launch a new public working group on Artificial Intelligence (AI) that will build on the success of the NIST AI Risk…

The US government has recently captured the surface web domains associated with notorious cybercrime marketplace BreachForums, despite the arrest of the site's owner months ago.  It is currently unclear why it has taken three months to get to this…

"Volt Typhoon," a recently identified Chinese nation-state actor, has been observed to be active in the wild since at least mid-2020, with the hacking group linked to never-before-seen tradecraft aimed at maintaining remote access to targets. CrowdStrike…

Deception technologies can provide a more effective method for detecting network attackers, but it is unclear how well security leaders understand their maturity and capabilities. Debi Ashenden, a cybersecurity professor at Adelaide University, described…

According to Orca Security, attackers typically discover exposed "secrets," or sensitive information that grants access to an enterprise cloud environment, in as little as two minutes and, in many cases, begin exploiting them almost immediately,…

A trojanized installer for the popular Windows game "Super Mario 3: Mario Forever" has spread malware to unsuspecting players. Super Mario 3: Mario Forever is a free-to-play remake of the Nintendo game created by Buziol Games and released for Windows in…

Improving the accuracy of Artificial Intelligence (AI) analysis requires collecting sufficient data without distribution bias. AI technology gathers data dispersed across multiple institutions. It must safely perform integrated analysis while keeping…