A security flaw in Google's Cloud Platform (GCP) could have allowed cybercriminals to hide an unremovable, malicious app within a victim's Google account, rendering the account permanently infected. The "GhostToken" vulnerability was identified and…

The 3CX Desktop App software has been reportedly compromised via a prior software supply chain breach, with a North Korean actor suspected to be responsible.  Security researchers at Mandiant stated the initial compromise was traced back to malware…

Irfan Ahmed, Ph.D., provides defenders with digital forensic tools and the knowledge to use them in cybersecurity. Ahmed is an associate professor of computer science and the director of the Virginia Commonwealth University (VCU) Engineering Department…

The Artificial Intelligence (AI) chatbot ChatGPT has been generating a great deal of buzz in the news and on social media regarding its ability to write blogs, software source code, and frameworks. People are sharing what they have done with the Large…

Following a temporary suspension in Italy and several investigations in other European Union countries, OpenAI has just over a week to comply with European data protection laws. Failure to comply could result in costly fines, data deletion…

Cisco recently announced patches for critical vulnerabilities impacting its Industrial Network Director and Modeling Labs solutions.  Designed for industrial network management, Industrial Network Director (IND) provides visibility into network and…

People should be able to securely store their digital information without fear of quantum or faster computers threatening safety. With funding from the National Science Foundation (NSF), computer science professors will use their innovative collaborative…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) reports that there are about 153,000 public drinking water systems and over 16,000 publicly owned wastewater treatment systems in the US. Therefore, a…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has announced plans to develop and establish the Logging Made Easy (LME) tool, a service that was initially created and maintained by the National Cyber…

The UK government’s intelligence and security arm recently issued an alert on Russian state-aligned threat actors aiming to conduct disruptive and destructive attacks against critical infrastructure in Western countries.  The National Cyber Security…

Security researchers at Bridewell Consulting have discovered that over a third (35%) of critical national infrastructure (CNI) security leaders believe the economic downturn is forcing employees to turn to data theft and sabotage.  The researchers…

Fortra, the company developer of Cobalt Strike, is bringing further attention to the zero-day Remote Code Execution (RCE) flaw in its GoAnywhere MFT tool that ransomware actors are actively exploiting to steal sensitive data. The critical flaw, tracked…