Researchers have discovered malicious files with backdoor capabilities, which they believe to be a component of a toolkit targeting Apple macOS systems. Researchers at Bitdefender found the set of malicious files with backdoor capabilities believed to be…

KillNet, the pro-Russian hacktivist group, claims to be working with a resurgent version of the infamous ReVIL ransomware gang. The objective appears to be to attack the Western financial system. KillNet has a history of launching mildly disruptive…

Unidentified attackers are compromising poorly managed Linux SSH servers and instructing them to launch Distributed Denial-of-Service (DDoS) attacks while simultaneously mining cryptocurrency in the background. Tsunami, also known as Kaiten, is a DDoS…

The "RedClouds" cyber espionage and hacking campaign involves the use of custom RDStealer malware to automatically steal data from drives shared via Remote Desktop connections. The malicious campaign was identified by Bitdefender Labs, whose researchers…

Between June 2022 and May 2023, over 101,100 compromised OpenAI ChatGPT account credentials appeared on illicit dark web marketplaces, with India alone making up 12,632 stolen credentials. Group-IB noted that the credentials were discovered in…

GitHub recently surveyed 500 U.S.-based developers at companies with 1,000-plus employees about how managers should consider developer productivity, collaboration, and AI coding tools.  GitHub found that AI is being used at scale, with 92% of the…

The Alphv/BlackCat ransomware gang recently took credit for the February 2023 cyberattack against the social media site Reddit.  Reddit disclosed the breach shortly after being hacked earlier this year and described the incident as the result of a…

The US Department of State has recently announced that it is offering a $10m reward for information linking members of a Clop affiliate responsible for a recent data extortion campaign.  The reward was announced after a successful Clop campaign…

Security researchers at Crossword Cybersecurity have recently discovered 2.2 million breached credentials linked to the UK’s 100 top universities available on the dark web, putting staff, students, and their data at risk.   The researchers who found…

Software security has historically been addressed at the project level, focusing on code scanning, penetration testing, and reactive incident response strategies. However, recent discussions have shifted focus to the program level to align security with…

In April 2023, over 1,300 cybersecurity professionals and experts convened virtually for the first Zero Trust Symposium. The event was sponsored and co-hosted by the MIT Lincoln Laboratory, the Defense Acquisition University (DAU), and the Zero Trust…

Cornell is one of four higher-education institutions in a new partnership with Google that aims to make New York City the global leader in cybersecurity. Google announced the Google Cyber NYC Institutional Research Program on June 12 to kick-start the…