Through edge computing, computation and data storage are brought closer together, reducing the amount of data sent to and from the cloud. Although edge computing reduces some security risks by keeping data near its source, it also adds new security…

In November 2022, the National Security Agency (NSA) suggested using memory-safe programming languages to protect against software-memory safety problems. The "Future of Memory Safety" report published earlier this year by Consumer Reports advocated…

According to security researchers at EasyDMARC, only 1.2% of nearly 10 million .org domains in circulation have fully implemented DMARC to mitigate the risk of phishing.  The researchers reviewed over 9.9 million verified .org email domains and…

Video communications giant Zoom recently announced that in 2022 it paid out $3.9 million to security researchers who reported vulnerabilities as part of its bug bounty program.  Zoom launched a private bug bounty program on HackerOne in 2019 and has…

According to a new report from the European Union Agency for Cybersecurity (ENISA), ransomware attacks are the most pressing cyber threat faced by the transportation sector. This is the first time the agency has analyzed threats to the aviation,…

The North Korean Advanced Persistent Threat (APT) group called ScarCruft downloads additional malware using weaponized Microsoft Compiled HTML Help (CHM) files. According to different reports from AhnLab Security Emergency Response Center (ASEC), SEKOIA.…

Researchers have discovered attacks by a sophisticated threat actor involving a previously unknown malicious framework called CommonMagic and a new backdoor called PowerMagic. Since at least September 2021, both pieces of malware have been used in…

A group tracked by Elastic Security Labs as REF2924 is using new data-stealing malware, a C#-written HTTP listener named Naplistener, in attacks against victims in southern and southeast Asia. According to Elastic's senior security research engineer…

Security researchers have observed that advances in deep learning algorithms, audio editing, and synthetic voice generation are making it increasingly feasible to replicate a person's voice convincingly. In addition, Artificial Intelligence (AI)-driven…

According to Cisco's first-ever Cybersecurity Readiness Index, only 15 percent of companies worldwide are at the 'Mature' level of readiness required to be resilient against today's advanced cybersecurity threats. Over half (55 percent) of companies fall…

Security teams are urged to double-down on their efforts to patch the two-year-old VMware ESXi server vulnerability that impacted thousands of VMware customers. According to a blog post published by AT&T Cybersecurity on March 20, companies that have…

As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the "Recommended Best Practices Guide for Administrators" to provide system administrators with…