"Understanding Ransomware Threat Actors: LockBit" is the title of a joint Cybersecurity Advisory (CSA) issued by the US Cybersecurity and Infrastructure Security Agency (CISA), FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC), and the…

There is a common misconception that a website with low traffic or that does not offer transaction-intensive online commerce does not need to prepare for Distributed Denial-of-Service (DDoS) attacks because it is not an attractive target. According to…

Google recently announced a new Chrome 114 update that resolves five vulnerabilities, including four critical and high-severity bugs reported by external researchers.  Google noted that the most important of these issues is CVE-2023-3214, a critical…

According to a new report by Akamai, hackers launched 14 billion attacks against the e-commerce industry in 15 months, placing it at the top of the list of targets for Application Programming Interface (API) and web application exploits. Researchers…

Researchers have developed a novel attack that recovers the secret encryption keys in smart cards and smartphones by using iPhone cameras or commercial surveillance systems to video record the power LEDs that glow when the card reader or smartphone is on…

Researchers at B42 Labs have shared some findings from their exploratory research on the application of Large Language Models (LLMs) to malware automation, examining how a potential new type of autonomous threat may manifest in the near future. The…

Skuld is a new Golang-based information stealer that has compromised Windows systems in Europe, Southeast Asia, and the US. According to Trellix researcher Ernesto Fernández Provecho, this new strain of malware attempts to steal sensitive information…

Hackers are posing as cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept (PoC) exploits for zero-day vulnerabilities that infect Windows and Linux with malware. The alleged researchers advertise these malicious exploits…

Swiss government websites are being hit with Distributed Denial-of-Service (DDoS) attacks, but several ransomware gangs have also been targeting Swiss government organizations, cantonal governments, cities, and companies in the last few months. The Swiss…

A Chinese cyber espionage group that researchers previously spotted targeting VMware ESXi hosts has been exploiting a zero-day authentication bypass flaw in the virtualization technology to execute privileged commands on guest Virtual Machines (VMs).…

Cold boot attacks, in which memory chips are cooled and data, including encryption keys, are stolen, were first demonstrated in 2008. The original attack has been improved and automated in the form of a memory-stealing machine that costs about $2,000. At…

Scientists from the University of Science and Technology of China (USTC) of the Chinese Academy of Sciences (CAS) and their collaborators from Tsinghua University, Jinan Institute of Quantum Technology, and Shanghai Institute of Microsystem and…