Transferring sensitive data to non-Health Insurance Portability and Accountability Act (HIPAA)-covered entities may result in compliance complications, data breaches, lawsuits, and patient privacy risks. Third-party tracking tools promise functionality…

Microsoft discovered multi-stage adversary-in-the-middle (AiTM) phishing and Business Email Compromise (BEC) attacks targeting financial service organizations. In AiTM phishing, threat actors set a proxy server between a target user and the website the…

Researchers expect a rise in Log4J exploits as cybercriminals continue to find new methods to circumvent the ongoing implementation of Microsoft's anti-phishing measures. Microsoft blocked the enablement of VBA macros in Office documents by default in…

Ransomware hackers are pushing the concept of code reuse to its limits. In their rush to make money, some new cybercriminals are turning to previous ransomware groups' discarded remnants, piecing together ransomware rather than developing their own…

According to researchers at the San Francisco-based company Robust Intelligence, a feature in Nvidia's Artificial Intelligence (AI) software can be manipulated to disregard safety restrictions and reveal private information. The "NeMo Framework"…

Ofcom, Britain's communications regulator, has disclosed that hackers exploiting a flaw in Progress Software's MOVEit Transfer file transfer app downloaded confidential information on companies it regulates. A spokesperson for Ofcom revealed that the…

The Australian Capital Territory (ACT) Government is among an estimated 5 percent of Barracuda Networks' Email Security Gateway (ESG) customers who have been instructed to remove and replace their appliances due to a zero-day flaw compromise. Barracuda…

Since September 2022, a fully undetectable (FUD) malware obfuscation engine named BatCloak has been used to launch different malware strains while persistently bypassing antivirus detection. According to Trend Micro researchers, the samples enable threat…

A hacking group identified as "Pink Drainer" impersonates journalists in phishing attacks to compromise Discord and Twitter accounts in order to steal cryptocurrency. According to ScamSniffer analysts, Pink Drainer effectively compromised the accounts of…

Fortinet has released multiple versions of FortiOS, the operating system/firmware powering its Fortigate firewalls and other devices. They contain a fix for CVE-2023-27997, a Remote Code Execution (RCE) vulnerability that an unauthenticated attacker can…

The Cl0p ransomware group lingered on a zero-day vulnerability it discovered in Progress Software's MOVEit Transfer file transfer application for nearly two years before beginning to exploit it. During this holding period, group members launched periodic…

CAPTCHA, which stands for "Completely Automated Public Turing test to tell Computers and Humans Apart," does what its name suggests: distinguishing between humans and robots. However, Artificial Intelligence (AI) technology is advancing rapidly, with…