January through April is tax season in the US, during which businesses and employees fill in W-2 forms for the Internal Revenue Service (IRS). Threat actors try to steal the W-2 forms, which legitimate employees use. According to the IRS' Information…

Cryptocurrency ATM manufacturer General Bytes recently disclosed a security incident that resulted in the theft of millions of dollars worth of funds.  The company said that the attackers exploited a vulnerability in the master service interface…

According to security researchers at Juniper Research, the cost of fraudulent robocalls to victims will increase 9% from 2022 to reach $58bn globally this year.  The researchers noted that auto-dialing software that delivers pre-recorded messages is…

Research conducted by the National Institute of Standards and Technology (NIST) reveals misconceptions that can impact security professionals as well as offers potential solutions. A recent report by NIST computer scientist Julie Haney highlights a…

A New York man accused of running the popular cybercrime forum BreachForums has recently been arrested and charged.  He is believed to be Pompompurin, an individual whose online moniker was mentioned in several high-profile hacking stories in the…

Guenevere Chen, an associate professor at the University of Texas at San Antonio, has recently published a paper that demonstrates a novel inaudible voice Trojan attack to exploit vulnerabilities contained by smart device microphones and voice assistants…

The National Basketball Association (NBA) recently notified individuals that their personal data was stolen in a data breach at a third-party service provider.  The NBA stated that the incident resulted in the theft of names and email addresses,…

Sustainable energy giant Hitachi Energy has recently blamed a data breach affecting employees on the exploitation of a recently disclosed zero-day vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) software.  Hitachi Energy said the…

Mispadu, a banking Trojan, has been linked to several spam campaigns aimed at Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and distributing other payloads. The activity, which began in August 2022, is ongoing,…

Tracking pixels, such as the Meta and TikTok pixels, are widely used by online businesses to track the preferences and behaviors of website visitors, but they are not without risk. Although pixel technology has existed for years, privacy regulations such…

The Emotet malware is now being delivered through Microsoft OneNote email attachments in an attempt to circumvent Microsoft's security measures and infect more systems. Emotet is a malware botnet that was previously spread using Microsoft Word and Excel…

Meta researchers Ben Nimmo and Eric Hutchins have proposed a new framework approach for addressing online threats, which uses a shared model for identifying, describing, comparing, and disrupting the different phases of an attack chain. Their new "Online…