Security researchers at Trend Micro have discovered that boards continue to under-appreciate the value of cybersecurity to the business, despite acknowledging its critical role in winning new business and talent.  The researchers polled 2718…

In a new study, computer scientists from the University of Surrey present an image-based authentication system for mobile phones called Transparent Image Moving (TIM) that helps lower the risk of shoulder surfing attacks. Shoulder surfing is a security…

Security researchers at Malwarebytes are warning US taxpayers not to fall for a new phishing campaign using the IRS as a lure to install notorious Trojan Emotet on their machines.  Scammers have long used tax filing season as an opportunity to trick…

According to security researchers, devices used in critical infrastructure are infested with vulnerabilities that can cause Denial-of-Service (DoS), enable configuration manipulation, and help attackers achieve Remote Code Execution (RCE). In addition,…

Security experts are warning over the significant growth in exposed account passwords after a repository of compromised credentials surpassed five billion records. This month, Authlogics, a UK-based provider of password security technologies for…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released a new open-source incident response tool to help detect malicious activity in Microsoft cloud environments. This Python-based utility, known as the…

MITRE has launched a prototype cloud-based platform for its new System of Trust (SoT) framework, which identifies and quantifies supply chain risks and cybersecurity concerns. Organizations can now use the Risk Model Manager (RMM) platform to assess…

German and South Korean government agencies have issued a warning about a new spear-phishing campaign launched by the Kimsuky North Korean Advanced Persistent Threat (APT) group against experts on the peninsula. The campaign gains access to victims'…

Okta is one of the leading providers of authentication services and Identity and Access Management (IAM) systems, with a net worth of $13.6 billion and over 17,000 customers worldwide. However, the cloud incident response company Mitiga has discovered a…

Guardio Labs researchers discovered that a new Chrome extension that promises to enhance users' Google searches with ChatGPT also leads to compromised Facebook accounts. While this method is not new, the extension worked as claimed. The Artificial…

A recent Earth Preta campaign reveals that China-aligned nation-state groups are becoming increasingly skilled at circumventing security systems. Since at least 2012, the broader cybersecurity community has tracked the threat actor under the names Bronze…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) recently launched a significant initiative to help organizations fix vulnerabilities targeted by ransomware actors more quickly. CISA has now announced the "Pre…