Attackers have been targeting Steam online gaming platform users with a new phishing tactic involving authentic-looking fake browser windows to steal credentials and take control of accounts. The widespread campaign serves as a warning to businesses that…

The Dissect framework is a game changer in cyber incident response as it enables data acquisition on thousands of systems in hours, regardless of the nature and size of the IT environment, to be investigated following an attack. Over the last ten years,…

Water Labbu is a threat actor who is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims. The FBI issued a warning in July about scam decentralized applications (dApps) that impersonated…

Security researchers at Sophos have discovered that a notorious ransomware group has been leveraging sophisticated techniques to bypass endpoint detection and response (EDR) tools.  BlackByte, which the US government has said poses a serious threat…

Several US agencies have stated that multiple government hacking groups had "long-term" access to a defense company's network. According to a report from the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security…

RatMilad, a novel Android malware, has been observed targeting a Middle Eastern enterprise mobile device while masquerading as a Virtual Private Network (VPN) and phone number spoofing app. The mobile Trojan acts as advanced spyware, receiving and…

Microsoft has issued a warning to Exchange Online users about an increase in password spray attacks, urging those who have yet to disable Basic Auth to set up authentication policies. Password spray attacks, a type of brute-force tactic in which an…

According to new research recently released by Proofpoint and MIT Sloan, there is a disconnect between the boardroom and Chief Information Security Officers (CISOs) globally when evaluating cyber risk. The report reveals that boards are more concerned…

Saiful Karim, associate professor and maritime security law expert at Queensland University of Technology (QUT), examined the threats to maritime cybersecurity in a study published in Marine Policy and recommended using a specific, international, and…

According to new research from Nexusguard, the number of Distributed Denial-of-Service (DDoS) attacks has increased by 75.6 percent, but average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes decreased by 56 percent and 66.8 percent, respectively.…

Security researchers at SonarSource have recently discovered a severe vulnerability impacting Packagist, which could have been abused to mount supply chain attacks targeting the PHP community.  Packagist is the default repository for PHP dependency…

Australian telecom giant Optus recently discovered that nearly 2.1 million of its customers suffered a leak of their personal information during the data breach the company suffered late last month.  The company hired Deloitte to lead a forensic…