A recent malicious campaign, which uses fake security updates to deliver Magniber ransomware, has targeted Windows home users. In September, threat actors created websites that promoted fake antivirus and security updates for Windows 10. The malicious…

Security researchers have released a proof-of-concept (PoC) exploit code for the authentication bypass vulnerability CVE-2022-40684 (CVSS score: 9.6) in FortiGate firewalls and FortiProxy web proxies. The flaw affects FortiOS versions 7.0.0 to 7.0.6, as…

According to Zscaler's latest findings, a PHP version of the information-stealing malware Ducktail has been discovered in the wild and is being distributed in the form of cracked installers for legitimate apps and games. The latest version (PHP), like…

Researchers are exploring nature to help them build more resilient power grids that can withstand cyberattacks, natural disasters, and other various disturbances. In a paper titled "Bio-Inspired Design of Complex Energy Systems to Achieve Robust,…

The National Centers of Academic Excellence in Cybersecurity within the National Security Agency (NSA) awarded Brajendra Panda, a computer science and computer engineering professor at the University of Arkansas, $637,223 to improve recovery methods for…

Security researchers at Cisco recently published their 2022 Consumer Privacy Survey, an annual global review of consumers’ perceptions and behaviors on data privacy.  It highlights the critical need for further transparency as consumers say their…

Cloudflare recently published a report on Distributed Denial-of-Service (DDoS) threats in Q3 2022, and the most powerful attack of the quarter targeted a Minecraft gaming server. An individual or organization launched a 2.5 Tbps DDoS attack against the…

TypoSwype, an alternative tool for detecting typosquatting attacks based on image analysis, was recently developed by researchers at Ensign InfoSecurity, an end-to-end cybersecurity service provider based in Singapore. This tool, which was detailed in a…

Once limited to abstract academic conversation among cybersecurity enthusiasts, drones loaded with cyber-spying equipment are now being used in the real world to breach networks and steal information.  Cybersecurity researcher Greg Linares recently…

The Department of Health and Human Services (HHS) breach reporting tool recently added 13 separate filings from anesthesia practices across the US, resulting from a "data security incident" at the management company of the covered entities. In total, 380…

Researchers from NYU, Intel, Duke, and the University of Calgary have published a new technical paper titled "Don't CWEAT It: Toward CWE Analysis Techniques in Early Stages of Hardware Design." The paper emphasizes that it is critical to identify…

According to Donnelley Financial Solutions' cybersecurity report "Understanding Risk: The Dark Side of Data," dark data poses a significant cybersecurity threat to businesses in the US and the UK. Dark data is defined as data that a company has collected…