Ransomware attackers are taking advantage of organizations having fewer security personnel available on weekends and holidays in order to launch more devastating attacks. According to a new Cybereason report, 44 percent of businesses reduce security…

At least seven hacking groups are responsible for a massive increase in 'TrojanOrders' attacks against Magento 2 websites, which exploit a vulnerability that allows threat actors to compromise vulnerable servers. Sansec, a website security firm, warned…

European privacy experts warn FIFA World Cup attendees that their personal data may be at risk if they download two local tracking apps.  The two apps in question are contract-tracing software Ehteraz, which football fans may be asked to download if…

After a four-month hiatus, the cybercriminals running the Emotet botnet operation are already among the most high-volume threat actors in the current cybersecurity landscape. According to Proofpoint, detections of Emotet payloads dropped off in July 2022…

According to new research by researchers at Trellix, the infamous LockBit ransomware variant remained the most widespread in the third quarter of 2022, accounting for over a fifth (22%) of detections.  The researchers noted that LockBit and Phobos…

Fortinet FortiGuard Labs researchers discovered new RapperBot malware samples that are being used to build a Distributed Denial-of-Service (DDoS) botnet targeting game servers. The researchers discovered the previously undetected RapperBot Internet of…

Veeam Software has released its "Cloud Protection Trends Report 2023," which covers four key "as a Service" scenarios: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS), and Backup and Disaster Recovery-as-a-…

Since the "Shamoon" virus rendered nearly 30,000 client and server systems at Saudi Aramco inoperable more than ten years ago, destructive wiper malware still remains a major threat to enterprise organizations. Max Kersten, a malware analyst at Trellix,…

New research from Mitiga, a cloud incident response company, reveals that hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing Personally Identifiable Information (PII). According to researchers, this kind of PII leakage…

Six papers from researchers affiliated with the Maryland Cybersecurity Center (MC2) were accepted for presentation at the 2022 Association for Computing Machinery Conference on Computer and Communications Security (ACM CCS). The annual conference gathers…

Computer scientists at the University of Guelph in Canada discovered that electronics repair services lack effective privacy protocols. In addition, the researchers found that technicians often snoop on customers' data. The team describes how they tested…

Time-Triggered Ethernet (TTE) is an example of a mixed-criticality network that can route traffic with varying levels of timing and fault tolerance requirements over the same set of hardware. Previously, spacecraft relied on one network to transmit…