Cofense analysts recently conducted a five-week experiment to gain insight into how scammers use gift cards in Business Email Compromise attacks (BEC). The email security firm bought $500 worth of trackable gift cards to see what scammers did with them.…

Attackers are still attempting to infect developers' systems with the W4SP Stealer, a Trojan designed to steal cryptocurrency information, exfiltrate sensitive data, and collect credentials from developers' systems. According to a Phylum advisory, a…

Google has proposed a set of five principles for Internet of Things (IoT) device security labeling, with the goal of increasing security and transparency for Internet-connected electronic devices. While acknowledging that there has been increased focus…

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide containing…

According to new research by Microsoft, there has been a “disturbing” increase in aggressive nation state cyber activity in the past year.  The findings were published in the 2022 Microsoft Digital Defence Report (MDDR).  The report showcases…

Jeppesen, a subsidiary of Boeing that provides navigation and flight planning tools, has confirmed that it is dealing with a cybersecurity incident, which has resulted in some flight disruptions. A red banner was added to the company's website, alerting…

Trains stopped in Denmark recently as a result of a cyberattack.  The incident shows how an attack on a third-party IT service provider could result in significant disruption in the physical world.  According to a Danish broadcaster, all trains…

Chile's Atacama Large Millimeter Array (ALMA) Observatory has suffered a cyberattack that has taken its website offline and forced it to suspend all observations. In the aftermath, email services were also restricted, demonstrating the hack's broad…

Cisco has patched several vulnerabilities in some of its products, including critical flaws in identity, email, and web security products. The most severe flaw addressed by Cisco is a Cross-Site Request Forgery (CSRF) flaw, tracked as CVE-2022-20961 (…

According to Avanan researchers, attackers are using Microsoft Dynamics 365 Customer Voice to circumvent email filters and deliver phishing emails into Microsoft users' inboxes. Microsoft Dynamics 365 is an Enterprise Resource Planning (ERP) and Customer…

The LockBit ransomware gang has claimed responsibility for a cyberattack on Continental, a German multinational automobile group. LockBit also claims to have stolen data from Continental's systems and threatens to publish it on their data leak website if…

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued three Industrial Control Systems (ICS) advisories regarding multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial…