Security researchers at Mandiant have analyzed the zero-day vulnerabilities disclosed in 2022 and found that over a dozen of them were used in attacks believed to have been carried out by cyberespionage groups.  The researchers noted that the…

In addition to manipulating software, attackers can also tamper with hardware. Therefore, a team from Ruhr University Bochum (RUB), Germany, and the Max Planck Institute for Security and Privacy (MPI-SP) is developing techniques to detect such tampering…

Through 37 in-depth interviews with global CEOs, a team of researchers from the University of Oxford and ISTARI revealed the emotions and challenges associated with effectively managing cyber risk. They have shared the findings of their joint CEO Report…

The UK’s leading cybersecurity agency has recently launched two new services designed to help small businesses to enhance their cyber risk management more effectively.  The National Cyber Security Agency (NCSC) announced a Cyber Action Plan, a…

Threat actors are delivering cryptocurrency stealers to .NET developers via the NuGet repository and impersonating multiple legitimate packages through typosquatting. According to JFrog security researchers Natan Nehorai and Brian Moussalli, who…

The Italian luxury sports car maker Ferrari has experienced a data breach and stated that a threat actor recently contacted it with a ransom demand about some client contact information, but it will not pay the ransom. Although there is a ransom demand,…

As part of a new campaign, poorly managed Linux SSH servers are being targeted with several forms of malware called ShellBot. AhnLab Security Emergency Response Center (ASEC) explained that ShellBot, also known as PerlBot, is a Distributed Denial-of-…

Former Mirai hackers have launched a new botnet, HinataBot, which can wreak significantly more damage but requires far fewer resources to operate. Mirai is one of the most notorious botnets in the world. It has been around since the mid-2010s, using…

The Global Positioning System (GPS) is inexpensive and easy to use because a device only needs to receive and interpret signals, not transmit, respond, or authenticate them. However, what makes GPS valuable also makes it so vulnerable, says Aanjhan…

Since November 2022, cybersecurity researchers have observed the pro-Russia hacking group known as Killnet launching a growing number of Distributed Denial-of-Service (DDoS) attacks against healthcare organizations. Killnet launched in February 2022…

The Play ransomware group has targeted Royal Dirkzwager, a Dutch company specializing in optimizing shipping processes and managing maritime and logistic information flows. The ransomware group added the company to its Tor data leak site and announced…

In 2022, the National Security Agency (NSA) made more progress in creating and maintaining a diverse workforce critical to achieving its foreign signals intelligence and cybersecurity missions. In 2022, a record 15.6 percent of new hires self-identified…