In a recent campaign spanning from late 2022 to early 2023, a Chinese state-sponsored actor named "Flea" targeted foreign affairs ministries in the Americas. According to Broadcom's Symantec, the cyberattacks involved a new backdoor called "Graphican."…

Louisiana State University (LSU) researchers Ibrahim "Abe" Baggili and Andrew Webb have received $600K from the Defense Advanced Research Projects Agency (DARPA) in support of their project, "Mixed Reality Visual Deception for Mission Deviation &…

Microsoft is responding to Distributed Denial-of-Service (DDoS) attacks that recently interrupted the company's popular services, including Azure, Outlook, and OneDrive. Microsoft's Security Response Center (MSRC) released a comprehensive analysis of the…

The pro-Russian hacktivist group "Anonymous Sudan" appears to use expensive online infrastructure for Distributed Denial-of-Service (DDoS) attacks, thus undermining its claim to be a volunteer group working from an impoverished East African nation.…

New research on the password behaviors of over 8,000 people in the UK, France, and Germany reveals that 75 percent of individuals put themselves at risk by not following widely accepted password best practices. Sixty-four percent of those surveyed by…

A security vulnerability was recently discovered in the Schneider Electric ION and PowerLogic power meters.  The vulnerability makes it so they transmit a user ID and password in plaintext with every message.  The vulnerability was given a CVSS…

Gen Digital, the company behind known cybersecurity brands such as Avast, Avira, AVG, Norton, and LifeLock, has recently announced that employees' personal information was compromised in the recent MOVEit ransomware attack.  The attack exploited a…

The challenges posed by bots on social media continue to be diverse, ranging from the minor annoyance of spamming to the potentially grave issues of spreading misinformation, influencing elections, and inflaming polarization. Recent research suggests…

The Office of the Australian Information Commissioner (OAIC) recently announced that some of its files were stolen in a ransomware attack on law firm HWL Ebsworth.  One of the largest law firms in Australia, HWL Ebsworth, stated that it became aware…

According to researchers, a cybercriminal group called "Diicot" is conducting mass SSH brute-force scanning and launching a variant of the Mirai Internet of Things (IoT) botnet on compromised devices. Additionally, the group deploys a cryptocurrency…

"Secrets" are considered sensitive pieces of information that grant access to a cloud environment. Orca Security's research reveals that attackers typically identify misconfigured and vulnerable assets within two minutes and immediately begin exploiting…

This month's attack on a cancer center in the US by an obscure ransomware group prompted a warning to the healthcare sector regarding the threat actor's rarely used but highly effective techniques. Although the group called "TimisoaraHackerTeam" (THT) is…