News
  • "Despite a Year of Warnings and Patching, Nearly 3 Out of 4 Organizations Still Vulnerable to Log4Shell"
    According to several security experts, the Log4Shell vulnerability will impact organizations for at least a decade. Those concerns appear to be justified, as a new report from Tenable finds that 72 percent of organizations are still vulnerable, even…
  • "JSON-Based SQL Injection Attacks Trigger Need to Update Web Application Firewalls"
    Security researchers have devised a generic SQL injection technique that circumvents multiple Web Application Firewalls (WAFs). WAF vendors have failed to add support for JSON inside SQL statements, allowing potential attackers to easily conceal their…
  • "Stolen Data of 3,000 Irish People Sold on Bot Markets, Study Claims"
    According to the cybersecurity firm NordVPN, at least 5 million people worldwide have had their online data stolen and sold on "bot markets." About 3,000 of those affected are from Ireland, while nearly 46,000 are from the UK. Bot markets are online…
  • "67 Percent of Companies Lose Business Deals Over Security Strategy Concerns"
    According to new LogRhythm research, 67 percent of respondents say their company has lost a business deal due to a customer's lack of trust in their security strategy. Dimensional Research conducted the survey of 1,175 security professionals and…
  • "Cisco Survey Reveals Increased Focus on Cybersecurity Resilience"
    According to a global survey of 4,700 Information Technology (IT) professionals conducted by Cisco, the most common types of incidents were network or data breaches (52 percent), followed by network or system outages (51 percent), ransomware events (47…
  • "Consumers Prioritize Mobile App Security Over Features"
    Researchers at Appdome unveiled the results of a global survey that shares the views of 25,000 consumers in 11 countries on mobile app use and consumer expectations of mobile app security. The researchers found that more than half (53.5%) of…
  • "Endor Labs Unveils New Research on Impact of Open-Source Software on Supply Chain Security"
    Endor Labs published "The State Of Dependency Management," which provides insight into the widespread but often unmonitored use of existing open-source software in application development, as well as the risks associated with this common practice. The…
  • "Lighting Giant Acuity Brands Discloses Two Data Breaches"
    Lighting and building management giant Acuity Brands has recently disclosed two data breaches it suffered in recent years, including one that may have involved ransomware. The Atlanta, Georgia-based firm employs roughly 13,000 people and…
  • "Android App With Over 5M Downloads Leaked User Browsing History"
    According to the Cybernews research team, Web Explorer - Fast Internet, an Android browsing app, left its Firebase instance open, exposing app and user data. Firebase is a mobile app development platform with numerous analytics, hosting, and real-time…
  • "Supply Chain Web Skimming Attacks Hit Dozens of Sites"
    Security researchers at Jscrambler recently discovered that a web skimming campaign running for the past year has already compromised over 40 e-commerce sites. The researchers revealed that "Group X," which exfiltrated card data to a server in…
  • "Google Unearths Internet Explorer Zero-Day Exploited by North Korean Hackers"
    Google's Threat Analysis Group (TAG) discovered a zero-day exploit for an Internet Explorer (IE) vulnerability that was used to target South Korean users. TAG made the discovery in October 2022 and found malware in documents emailed to targets. The…
  • "Apple to Roll Out New Set of Cybersecurity Features for Users"
    Apple has announced plans for new cybersecurity features aimed at helping users protect their data more effectively from hacking. The first feature Apple will include in the update is Advanced Data Protection, which will be made available through iCloud…