In addition to maintaining a high profile, the LockBit group has turned ransom monetization on its head. Forty-four percent of all ransomware attacks launched in 2022 have been attributed to this group due to its innovative approach. The LockBit…

Unauthenticated remote attackers could overwrite, delete, or create files on Industrial Control Links (ICL) ScadaFlex II SCADA Controller SC-1 and SC-2 devices. This enables an attacker to perform critical CREATE, READ, UPDATE and DELETE (CRUD) file…

On Thursday, April 6, the University of Hawaiʻi Maui College said they learned of a data breach that affected their system.  According to UH, the breach occurred in mid-February.  The university learned that an unauthorized third party had…

Apple recently pushed out a major iOS security update to fix a pair of zero-day vulnerabilities already being exploited in the wild.  The newest iOS 16.4.1 and iPadOS 16.4.1 updates cover code execution software flaws in IOSurfaceAccelerator and…

Microsoft recently warned that Iranian advanced persistent threat (APT) actors MuddyWater and DEV-1084 had been observed launching destructive cyberattacks disguised as ransomware.  Also tracked as Mercury, Seedworm, and Static Kitten and known to…

D2X is a new tool developed at MIT that makes it simple to debug any domain-specific programming language. D2X is classified as a library, a reusable piece of computer code that multiple applications can operate. It is intended to interact with existing…

Internal documents, including meeting notes and source code, were shared by Samsung employees with the popular Artificial Intelligence (AI)-driven chatbot ChatGPT. ChatGPT trains itself and build its experience based on user-provided data, with the risk…

Sophos recently announced security updates that resolve several vulnerabilities in Sophos Web Appliance, including a critical bug leading to code execution.  A web security solution, the Sophos Web Appliance allows administrators to set web access…

After MSI disclosed a recent cyberattack, owners of MSI motherboards, GPUs, notebooks, PCs, and other devices should exercise caution when updating the firmware or BIOS of their devices. MSI urged users to obtain firmware/BIOS updates exclusively from…

According to new research conducted by the University of East Anglia, individuals disclose more personal information when asked the same questions twice. A new study demonstrates how straightforward repetition can lead to excessive disclosure, putting…

The Dutch government will enhance the security of its Internet routing by using the Resource Public Key Infrastructure (RPKI) standard before the end of 2024. RPKI, or Resource Certification, protects against malicious or accidental rerouting of Internet…

Since 2017, it is estimated that over one million WordPress websites have been infected by an ongoing campaign to deploy malware known as Balada Injector. According to GoDaddy's Sucuri, the campaign exploits all known and recently discovered theme and…