According to a new advisory published by the US National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), Chinese state-sponsored threat actors continue to exploit known…

Ransomware operators have shifted their focus away from politically motivated attacks against Russia and toward their usual targets, including the US, China, and Israel. According to the ESET T2 2022 Threat Report, the total number of Remote Desktop…

For years, researchers have known that the COVID-19 pandemic was exploited to set up effective phishing attacks and other social engineering schemes. Proofpoint's new research provides more insight into the use of the pandemic by cybercriminal groups,…

A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one-third of Australia’s population was stolen has resulted in its first arrest recently.  The police launched Operation…

According to a cloud database provider, only one-third of PostgreSQL databases connected to the Internet use Secure Sockets Layer (SSL) for encrypted messaging. Bit.io, which provides a drag-and-drop PostgreSQL database as a service, used shodan.io to…

VMware recently announced patches for a vCenter Server vulnerability that could lead to arbitrary code execution.  The vCenter Server, a centralized management utility, is used for controlling virtual machines and ESXi hosts, along with their…

A million Facebook users have been "exposed" to seemingly harmless smartphone apps designed to steal their social network passwords, according to Meta. So far this year, Meta has identified over 400 malicious apps tailored for smartphones powered by…

The US authorities are urging voters to critically evaluate any information they receive about the upcoming midterms after warning that foreign actors may seek to sow doubt about the result.  The FBI and the US Cybersecurity and Infrastructure…

Scientists have made significant progress in developing Artificial Intelligence algorithms that can analyze patient data and create new ways to diagnose a disease or predict which treatments work best for different patients. The success of those…

After a hacker stole at least $100 million in cryptocurrency, the world's largest cryptocurrency exchange suspended trading on a smart contract blockchain. The hacker made $586 million from the Binance Smart Chain (BSC) attack. Binance CEO Changpeng "CZ…

By distributing 200 malicious packages and fake hacking tools on code hosting platforms such as NPM and GitHub, the LofyGang threat actors have built a credential-stealing enterprise. Researchers have discovered these packages in supply chain attacks…

According to researchers, attackers are increasingly focused on crafting attacks that are specialized to circumvent Microsoft's default security, thus requiring a shift in defense posture for organizations in the future. A new report from Avanan, which…