According to new research from the University of Georgia (UGA) on smart home hubs, convenience may cost personal security. A smart hub is a centralized device that allows users to control their smart devices from one place. These hubs rely on technology…

Costa Rica declared a state of emergency in late April, following weeks of major ransomware attacks. This measure, usually reserved for dealing with natural disasters, was taken by newly-elected President Rodrigo Chaves to free up the government to…

Security researchers at Egress are warning that corporate accounts could be at risk after noting a 78% increase in email impersonation attacks spoofing the Netflix brand since October.  The researcher warned that if employees use the same…

According to Cyjax researchers, a financially motivated group based in China called Fangxiao has been orchestrating a large-scale phishing campaign since 2017. The sophisticated phishing campaign takes advantage of international brand reputations and…

According to a new report from Microsoft's Security Threat Intelligence team, the Royal Ransomware group used Google Ads in one of their attack campaigns. The ransomware, which first appeared in September and claimed a number of victims, including one of…

According to a new joint advisory released by the FBI, the US Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS), the Hive ransomware variant has made its operators and affiliates around $100…

Cybercriminals used a sophisticated phishing campaign impersonating Instagram to target students at national educational institutions in the US. They used a valid domain to steal credentials, bypassing both Microsoft 365 and Exchange email protections.…

The PCI Security Standards Council (PCI SSC) has released a new standard to help in the evolution of mobile payment acceptance solutions. PCI Mobile Payments on COTS (MPoC) expands on the existing PCI Software-based PIN Entry on COTS (SPoC) and PCI…

According to the 2022 Elastic Global Threat Report, almost 33 percent of cloud attacks use credential access, suggesting that users often overestimate the security of their cloud environments and, as a result, fail to configure and protect them…

Since mid-September, a sophisticated phishing kit has been targeting North Americans with lures themed around holidays such as Labor Day and Halloween. The kit employs a variety of evasion detection techniques as well as several mechanisms to keep non-…

LodaRAT malware has resurfaced with new variants being used in tandem with other sophisticated malware, such as RedLine Stealer and Neshta. According to Cisco Talos researcher Chris Neal, the ease of access to LodaRAT's source code makes it an appealing…

Bluetooth-enabled mobile devices have been found to be vulnerable to a flaw that could allow attackers to track a user's location. The study centers on Bluetooth Low Energy (BLE), a type of Bluetooth that uses less energy than Bluetooth Classic, an…