A new study from the University of California, Berkeley, suggests that privacy in the metaverse may be unattainable without the development of novel user protections. The recently published study, led by graduate researcher Vivek Nair and conducted at…

DNA Diagnostics Center, a DNA testing company, will pay a penalty of $400,000 to the attorneys general of Pennsylvania and Ohio for a data breach in 2021 that affected 2.1 million individuals nationwide.  According to a settlement deal with the…

A study has found a new class of vulnerabilities impacting Apple's iPhone and Mac operating systems, which, if abused, can allow an attacker to access messages, photos, and call logs. Researchers from the Advanced Research Center of the security…

Malwarebytes recently warned of a remote code execution vulnerability impacting several Arris routers, for which proof-of-concept (PoC) exploit code has been released.  Tracked as CVE-2022-45701, the bug exists because the router firmware does not…

The cybersecurity company Resecurity has released a report stating that, in September 2021, it alerted multiple data center organizations about malicious cyber activities being performed against them and their customers. Nation-state, criminal, and cyber…

The HardBit ransomware threat has been upgraded to version 2.0, and its operators are attempting to negotiate a ransom payment that the victim's insurance would cover. The threat actor tries to persuade the victim that it is in their best interest to…

Lehigh Valley Health Network (LVHN), a Pennsylvania-based healthcare institution, disclosed that the ALPHV/BlackCat group launched a ransomware attack against it. In 2021, ALPHV/BlackCat ransomware was first discovered. The group operates a Ransomware-as…

The cryptocurrency exchange Coinbase has thwarted a cyberattack that could have been launched by the same malicious actors who attacked Twillio, Cloudflare, and a number of other companies in 2022. Using smishing and vishing, the attackers attempted to…

Swedish researchers have cracked one of the key post-quantum security algorithms. The US National Institute of Standards and Technology (NIST) selected the CRYSTALS-Kyber algorithm last year as part of the standards for encapsulating data as security…

Stealc, a new information stealer being sold on the dark web, could emerge as a major competitor to similar malware. SEKOIA researchers stated that Stealc is presented as a fully functional and ready-to-use stealer. According to the researchers, its…

Microsoft has released a report detailing the first sighting of a Global Assembly Cache (GAC) implant in the wild. The new malware, called MagicWeb, developed by the Russian nation-state hacking group NOBELIUM, enables an attacker to authenticate under…

The LockBit ransomware group claims to have hacked Aguas do Porto, a Portuguese municipal water utility company. Aguas do Porto is a municipal water utility company that manages the water cycle, from water supply to wastewater drainage. Furthermore, the…