Microsoft recently discovered a high-severity flaw in the Android version of the TikTok app, which has been installed more than 1.5 billion times so far via the Google Play Store.  The researchers discovered the high-severity vulnerability in the…

According to a new study released by the cybersecurity asset management firm Axonius Inc., Software-as-a-Service (SaaS) security is lagging behind, despite enterprise adoption of SaaS. The study, based on a survey of enterprises in the US and Europe,…

Cyberbit, the world's leading cyber readiness and skills development platform provider, has announced the International Cyber League (ICL): Collegiate Cup, which will launch on October 18, 2022. The ICL: Collegiate Cup immerses students in real-world…

A new report by eSentire has connected the data breach affecting Cisco Talos systems in May with an Evil Corp-affiliate group.  More specifically, eSentire's Threat Response Unit (TRU) discovered that the IT infrastructure used to attack Cisco was…

Thousands of Android apps contain hard-coded secrets, meaning that a malicious actor, even if they are not a highly skilled one, could gain access to Application Programming Interface (API) keys, Google Storage buckets, unprotected databases, and other…

Starting this week, IT Services at the University of Arkansas will send randomized spam tests to faculty and staff.  If the employees click a link in a suspicious test email, they will be sent to a training page that educates them on how to…

Recently WordPress announced the release of version 6.0.2 of the content management system (CMS), with patches for three security bugs, including a high-severity SQL injection vulnerability.  Identified in the WordPress Link functionality,…

The Cuba ransomware group has claimed responsibility for the recent attack on the Montenegro government, which reported that it was the target of cyberattacks linked to Russia. According to the government, the cyberattacks appear to be targeting a wide…

The National Police of Ukraine (NPU) shut down a network of call centers used by a cybercrime group focused on financial scams and targeting victims of cryptocurrency scams under the guise of assisting them in recovering their stolen funds. The…

Barracuda released its fourth-annual threat research report, which examines ransomware attack patterns from August 2021 to July 2022. The top five industries for the 106 highly publicized attacks studied by Barracuda's researchers are education,…

Researchers have identified five different malicious Chrome extensions masquerading as Netflix viewers and more. These extensions have been found to monitor user activity and insert code into any e-commerce sites they visit, allowing cybercriminals to…

The deep field image taken by NASA's James Webb Space Telescope (JWST) has been used as a lure by a persistent Golang-based malware campaign called "GO#WEBBFUSCATOR" to deploy malicious payloads on infected systems. According to Securonix, the…