The US Department of the Treasury recently announced sanctions against four entities and one individual for engaging in malicious cyber activities on behalf of the North Korean government.  The US Department of the Treasury stated that North Korean…

A massive credential-harvesting campaign uses the legitimate email newsletter program SuperMailer to send out a large number of phishing emails designed to circumvent Secure Email Gateway (SEG) protections. Cofense reported on May 23 that SuperMailer-…

A team of researchers from UC San Diego and Purdue University has discovered a hidden feature of Intel processors that can enhance security, including shutting down an entire class of Spectre attacks capable of providing an attacker with sensitive…

The National Security Agency (NSA) and several partners have released the "#StopRansomware Guide" Cybersecurity Information Sheet (CSI) to help network defenders protect against malicious cyber actors' evolving ransomware tactics. The US Homeland…

In an attack on Apria Healthcare, cybercriminals stole the credit card information of nearly two million customers. Apria is a leading provider of home medical equipment delivery and clinical support in the US. The attackers reportedly stole financial…

Security researchers at ClearSky have discovered a sophisticated watering hole attack targeting multiple Israeli websites.  The malicious attempt, believed to be conducted by a nation-state actor from Iran, has raised concerns about the security of…

In March 2023, researchers detected a previously unknown Advanced Persistent Threat (APT) group, Bad Magic, also known as Red Stinger, which targeted organizations in the region of the Russo-Ukrainian conflict. The attackers were seen using PowerMagic…

Different information-stealing malware strains have been distributed using websites posing as the TikTok video editor CapCut in different campaigns. A Cyble report revealed that the threat actors behind the first campaign used fraudulent CapCut websites…

The FBI warns people to be aware of fake employment advertisements that are used to lure applicants into Southeast Asian scam operations. In recent years, such schemes, perpetrated primarily by Chinese organized crime groups, have expanded in size, with…

Google recently introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities found in the company’s mobile applications.  The Mobile VRP runs alongside the Android and Google Devices security reward…

China has recently banned products sold by US chipmaker giant Micron, citing cybersecurity concerns.  The Cyberspace Administration of China announced the decision on May 21, 2023, following a cybersecurity review of Micron products sold in China…

A team of scientists from the Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL), Purdue University, Carnegie Mellon University (CMU), and Boise State University has turned to Artificial Intelligence (AI), threading together three…