The US Cybersecurity and Infrastructure Security Agency (CISA) recently published a user guide to help organizations prepare for the November 1, 2022, move from Traffic Light Protocol (TLP) version 1.0 to TLP 2.0.  TLP is used to inform recipients…

Cyberattacks can be highly damaging to businesses, resulting in significant financial losses. According to recent Atlas VPN research, on average, 37 percent of businesses lose more than $100,000 per cyberattack. Some companies lose even more, with 22…

Mexico's president confirmed recently that a massive trove of emails from Mexico's Defense Department is among electronic communications taken by a group of hackers from military and police agencies across several Latin American countries.  The…

Hornetsecurity surveyed more than 2,000 IT leaders, 24 percent of which have been victims of a ransomware attack, with 20 percent of attacks occurring in the last year. Cyberattacks are becoming more common. According to last year's Hornetsecurity…

A new supply chain attack compromises networks by using a trojanized version of the Comm100 Live Chat application, which was actively available for download on Comm100's official website until September 29. The Comm100 Live Chat application, which has…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of vulnerabilities used in attacks, including a Bitbucket Server Remote Code Execution (RCE) flaw and two…

The North Korea-backed Lazarus Group has been seen deploying a Windows rootkit by exploiting a vulnerability in a Dell firmware driver, underscoring new tactics used by the state-sponsored adversary. The Bring Your Own Vulnerable Driver (BYOVD) attack,…

The Vice Society ransomware group has leaked data and documents stolen from the Los Angeles Unified School District (LAUSD). LAUSD Superintendent Alberto M. Carvalho revealed the exposure of stolen data and announced the launch of a new hotline for…

A new report from the vulnerability management platform Rezilion and the Ponemon Institute finds that vulnerability backlogs are overwhelming DevSecOps, with nearly half of those who participated in the survey reporting backups of 100,000 to 1.1 million…

Data connectivity requires cybersecurity and safety for mobile work machines used in mining, port logistics, forestry, and more. Turku School of Economics (TSE) began a two-year research project aimed at developing new cybersecurity services for machine…

The Electronic Frontier Foundation (EFF) urges the Federal Trade Commission (FTC) to investigate privacy and security concerns with daycare and early education apps. A letter sent to the FTC by the EFF builds on the research conducted by Alexis Hancock,…

Security researchers at eSentire's Threat Response Unit (TRU) have discovered that Xtreme RAT and Cryptominer have been delivered through pirated copies of the Windows operating system (OS) software.  The researchers noted that several malicious…