Computer scientists at the University of Twente in the Netherlands discovered that the interaction between the Internet and local networks could be examined to reveal private data and support tracking. They examined how the Domain Name System (DNS)…

Security researchers at Microsoft Threat Intelligence Center (MSTIC) discovered that threat actors associated with North Korea have been weaponizing legitimate open–source software targeting employees in organizations across multiple industries.  …

Projects led by scientists in the North Atlantic Treaty Organization (NATO) and partner countries aim to use the power of quantum technology to make communications unhackable. The use of quantum technologies in the security and defense sectors could help…

Federal agencies are planning to spend billions of dollars each year to support their IT and cybersecurity efforts, which will include migrating IT resources to secure, cost-effective commercial cloud services. Cloud computing allows agencies to access…

Microsoft has confirmed that it’s aware of two Exchange Server zero-day vulnerabilities that have been exploited in targeted attacks and are currently working on patches.  GTSC, a cybersecurity company based in Vietnam, reported seeing attacks…

In 2022, several of the world's leading semiconductor companies were targeted with ransomware attacks, extortion attempts, and other malicious activity. Recorded Future has published a report outlining eight different cyberattacks on semiconductor firms…

The US Department of Defense (DoD) and HackerOne recently announced the results of the Hack US one-week bug bounty challenge that ran from July 4 to July 11, 2022.  The DoD announced it was offering a total bounty pool of $110,000, representing $75,…

Arctic Wolf Networks released a report finding that there has been a significant increase in Business Email Compromise (BEC) attacks in the first half of this year. According to data analysis and insights from Arctic Wolf's incident response unit Tetra…

Security researchers at Vade have discovered a recent phishing campaign exploiting Capital One's new partnership with verification service Authentify, sending thousands of scam emails to the bank's customers to try and trick them into uploading images of…

The European Commission has recently publicized new liability rules on digital products and artificial intelligence (AI) in order to protect consumers from harm, including in cases where cybersecurity vulnerabilities fail to be addressed.  The two…

Mandiant has released a report detailing novel malware that attacks VMware hypervisors, stating that the state-sponsored hackers behind it may be shifting their targets from workstations to virtual environments where Endpoint Detection and Response (EDR…

GoSecure researchers have found that a person's country of residence influences the strength of their password selection. They discovered four primary macro-social factors that strongly correlate with positive password performance, which is measured by…