The global cybersecurity nonprofit organization (ISC)2 has announced three new initiatives to address the cybersecurity workforce gap, combat burnout among existing cyber talent, and enable businesses to stay ahead of hackers. According to the most…

The National Institute of Standards and Technology (NIST) has completed the final product description to guide the intersection of telehealth offerings and smart home devices. In new guidance dubbed "Mitigating Cybersecurity Risk in Telehealth Smart Home…

Traffers, also known as "workers," are cybercriminals who redirect Internet users' network traffic to malicious content that they operate, which is usually malware. Traffers typically work in teams to compromise websites to hook traffic and direct it to…

Security researcher Michael Bargury, cofounder and CTO of the security firm Zenity, discovered a way to use Microsoft's software automation tool to send ransomware to connected machines and steal data from devices. The attack uses the automation tool as…

Researchers at the Associated Press (AP) discovered that various law enforcement agencies in Southern California and North Carolina have deployed an obscure cellphone tracking tool dubbed "Fog Reveal," sometimes without search warrants.  The…

During a new study, security researchers at Flashpoint analyzed 11,860 vulnerabilities in the first six months of 2022.  The researchers stated that vulnerability management systems based on the Common Vulnerability Scoring System (CVSS) v2 scoring…

Neopets, a game that lets players create and care for virtual pets inside a fantasy world, has released an "Important Announcement" urging its members to update their passwords and confirming that the company's IT systems were compromised.  The…

Security researchers at Cyera stated that cloud sprawl is a big issue for organizations, with business teams using cloud systems and services on their own, often without IT oversight.  That leads to cloud data sprawl as data is scattered across…

A previously unknown group dubbed "JuiceLedger" has been identified as the threat actor behind a recent phishing campaign specifically targeting users of the Python Package Index (PyPI). The threat actor first appeared earlier this year and is focused on…

A paper recently published by James Cook University Singapore describes how an attacker could covertly harvest fingerprints using off-the-shelf hardware through a smart lock hack technique called droplock. According to author and senior cybersecurity…

A security flaw in Google Chrome and Chromium-based alternatives could allow malicious web pages to overwrite clipboard content without user consent or interaction simply by visiting them. According to developer Jeff Johnson, the clipboard poisoning…

The Health Information Sharing and Analysis Center (Health-ISAC) published a guide to help healthcare CISOs better understand and implement zero trust security strategies. Identity and Access Management (IAM), cloud security gateways, data and network…