Montana State University (MSU) is leading a new effort to reduce software vulnerabilities across various systems, building on nearly five years of helping the Departments of Defense (DOD) and the Department of Homeland Security (DHS) in improving methods…

Google has removed some malicious apps from the Google Play Store that were downloaded by over a million Android users. The apps infected smartphones with malware and bombarded devices with malicious pop-up ads. According to cybersecurity researchers at…

The cryptocurrency exchange platform FTX says unsanctioned actors stole customers' digital assets, thus initiating a rush to disconnect digital wallets from the Internet. A message posted on the FTX Telegram page warned users of malware on the platform.…

According to researchers at Oxeye, Backstage, an open platform for building developer portals, is affected by a critical vulnerability whose exploitation could have a serious impact on a targeted enterprise.  Backstage was developed by Spotify and…

According to Europol, a recent month-long anti-fraud crackdown across Europe arrested 59 suspected scammers.  Europol noted that the operation ran through October as part of the 2022 e-Commerce Action (eComm 2022) initiative.  It saw 19…

Avast researchers observed the recently discovered espionage group Worok abusing Dropbox API to exfiltrate data via a backdoor hidden in seemingly harmless image files. The experts began their investigation from an ESET analysis of attacks on…

As 2021 set a record for the number of vulnerabilities published and threat actors improved their ability to weaponize vulnerabilities, timely and improved prioritization and remediation of vulnerabilities should be a goal for all organizations. The US…

'Fangxiao' is a malicious for-profit organization that has established a massive network of more than 42,000 web domains that impersonate well-known brands in order to redirect users to sites promoting adware apps, dating sites, or 'free' giveaways. The…

As part of an ongoing campaign that began in March 2022, a suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies in Asian countries. Symantec linked the attacks to an adversarial group…

A dangerous new malware loader called BatLoader, with features for determining whether it is on a business system or a personal computer, has begun rapidly infecting systems worldwide. VMware Carbon Black researchers are tracking the threat, finding that…

A security vulnerability in messenger services has been discovered by an international research team led by Dr. Theodor Schnitzler of TU Dortmund University. They discovered that measuring the time it takes for a message to be delivered makes it possible…

OpenText Security Solutions surveyed 1,332 security and Information Technology (IT) professionals in the US, the UK, and Australia, finding that small and medium-sized businesses (SMBs) are concerned that geopolitical tensions will worsen ransomware…