Microsoft and two partner organizations have been granted legal permission to target cybercriminal infrastructure associated with the widespread abuse of Cobalt Strike, a legitimate testing tool that attackers have used against the healthcare industry.…

Google has recently unveiled a new policy for Android apps that enable account creation.  The rule mandates such apps to provide users with an option to delete both the accounts and the data associated with them.  Bethel Otuteye, senior…

Data storage device manufacturer Western Digital has recently disclosed information about a network security incident detected on March 26.  The company said the incident involved an unauthorized third party gaining access to several systems.  …

In the last year, nearly half of cybersecurity practitioners have been instructed by senior management to keep data breaches "under wraps." Bitdefender's survey of 400 Information Technology (IT) and security professionals revealed that 42 percent had…

Telegram has become a hub for phishing bot and kit developers seeking to advertise their products to a larger audience or recruit helpers. Although the messaging platform has been used for cybercriminal activities for years, threat actors in the phishing…

Cybercriminals are targeting victims with well-crafted phishing attacks from QuickBooks online accounts to steal credentials. According to researchers from Avanan, the scheme is at a level of legitimacy and social engineering that suggests new Business…

Cryptocurrency thieves are targeting users of Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave Browser, and Opera, with an extension that can steal credentials and multi-factor authentication (MFA) codes. The extension, dubbed…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released eight advisories regarding critical vulnerabilities in Industrial Control Systems (ICS) products from Hitachi Energy, mySCADA Technologies,…

Irfan Ahmed, Ph.D., associate professor of computer science, equips the good guys fighting the never-ending cybersecurity conflict with digital forensic tools and the knowledge to use them. Ahmed is the director of the Security and Forensics Engineering…

Almost everyone in the digital age has likely, at some point, needed to access cloud-stored documents and data but forgot their password and had to create a new identity. For researchers with allocations for high-performance computing and services across…

Dozens of companies charge customers to use a different Internet Protocol (IP) address for activities such as watching YouTube videos unavailable in their region, conducting unrestricted web scraping and browsing, or visiting websites without attributing…

As cars become more connected, they will face more security challenges. Connectivity involves all vehicle components, encompassing everything from autonomous driving to connected infotainment and in-cabin monitoring. In addition, it includes external…