Professor Eugene H. Spafford earned the Annual Computer Security Applications Conference (ACSAC) 2022 Cybersecurity Artifacts Competition Impactful System Award for his artifact Tripwire: Integrity Scanning as Intrusion Detection. The selection of…

The Christmas season is a busy time for phishers. According to Check Point research, 17 percent of all malicious files distributed via email in November were related to orders and shipping during the Black Friday holiday season, which is expected to…

The US Cybersecurity and Infrastructure Security Agency (CISA) has recently added two flaws affecting Veeam's Backup & Replication product to its Known Exploited Vulnerabilities Catalog.  CISA added five flaws to its catalog on Tuesday,…

Most people associate Lego with toy bricks and childhood imagination, but the Lego company has now entered the digital age by offering a service called BrickLink, which has been discovered to be insecure. A new report from Salt Security reveals the…

According to a Government Accountability Office (GAO) briefing document aimed at lawmakers, many federal agencies will find it difficult to design zero trust systems because the various products required to fully realize the strategy do not always…

The popular data analytics company Social Blade has admitted to being hacked. Social Blade offers a data analytics tool based in the US that tracks social media platforms such as YouTube, Facebook, Twitter, and TikTok. The company claims to have seven…

According to new research by 1Password, distracted employees are twice as likely to do the bare minimum for security at work.  The researchers found that 4 in 5 employees (79%) feel distracted on a typical workday, with 1 in 3 employees (32%) saying…

Security researchers at Zscaler have found that the vast majority of cyberattacks over the past year have used TLS/SSL encryption to hide from security teams.  The researchers analyzed 24 billion blocked threats during the period October 2021–…

A hacker claims to have posed as the CEO of a financial institution and gained access to InfraGard's database of over 80,000 members. InfraGard is an outreach program run by the FBI that shares sensitive information on national security and cybersecurity…

Talos researchers discovered a phishing campaign using Scalable Vector Graphics (SVG) images embedded in HTML email attachments to distribute the QBot malware. HTML smuggling is an evasive malware delivery method that involves using legitimate HTML5 and…

According to PCI Pal, despite the constant evolution of the financial landscape, consumers still want a smooth and secure payment journey above all else. Alessandro Dalla Volta, VP of Product at PCI Pal, says new technology and payment methods will be at…

The Royal ransomware gang is demonstrating sophisticated tactics such as partial and rapid encryption, which researchers believe may reflect the years of experience its members gained as leaders of the now-defunct Conti Group. Royal ransomware appears to…