According to new research by 1Password, distracted employees are twice as likely to do the bare minimum for security at work.  The researchers found that 4 in 5 employees (79%) feel distracted on a typical workday, with 1 in 3 employees (32%) saying…

Security researchers at Zscaler have found that the vast majority of cyberattacks over the past year have used TLS/SSL encryption to hide from security teams.  The researchers analyzed 24 billion blocked threats during the period October 2021–…

A hacker claims to have posed as the CEO of a financial institution and gained access to InfraGard's database of over 80,000 members. InfraGard is an outreach program run by the FBI that shares sensitive information on national security and cybersecurity…

Talos researchers discovered a phishing campaign using Scalable Vector Graphics (SVG) images embedded in HTML email attachments to distribute the QBot malware. HTML smuggling is an evasive malware delivery method that involves using legitimate HTML5 and…

According to PCI Pal, despite the constant evolution of the financial landscape, consumers still want a smooth and secure payment journey above all else. Alessandro Dalla Volta, VP of Product at PCI Pal, says new technology and payment methods will be at…

The Royal ransomware gang is demonstrating sophisticated tactics such as partial and rapid encryption, which researchers believe may reflect the years of experience its members gained as leaders of the now-defunct Conti Group. Royal ransomware appears to…

The US Department of Justice (DOJ)  has seized 48 Internet domains and charged six people in connection with the operation of booter or stresser platforms that allow anyone to easily conduct Distributed Denial-of-Service (DDoS) attacks. Booters are…

The Senate just passed a bill by unanimous consent that would ban the social media app TikTok from all government devices amid increased scrutiny over the app's perceived threats to national security.  Lawmakers have been increasingly vocal about…

Unknown threat actors have published more than 144,000 packages in the NuGet, PyPI, and npm ecosystems as part of a new campaign. According to Checkmarx and Illustria researchers, the packages were part of a new attack vector in which attackers spammed…

Over the last two years, a cyberespionage group with ties to Iran's Islamic Revolutionary Guard Corps (IRGC) has been observed attacking new targets, including medical researchers, an aerospace engineer, and even a Florida-based realtor. TA453, also…

The Atacama Large Millimeter/Submillimeter Array (ALMA) in Chile is still offline more than a month after a ransomware cyberattack on its computer systems. The disruption is interfering with astronomers' research projects worldwide and costs the…

According to new research from Splunk, public sector organizations lack the cybersecurity intelligence they require, and the problem is far worse than in the private sector. The Splunk 2022 Public Sector Survey reveals that nearly half of public sector…