Security researchers at Sucuri have discovered a new threat campaign designed to trick users into downloading malware capable of hijacking their machine.  The researchers stated that the attacks begin with a malicious JavaScript injection designed…

According to a new study, identity sprawl is a major issue for organizations, with 60 percent reporting as many as 21 separate identities per user. The report from Radiant Logic and Gartner Peer Insights examines the rapid growth of enterprise identity…

Resecurity, a Los Angeles-based cybersecurity firm that protects Fortune 500 companies around the world, has discovered Escanor, a new Remote Administration Tool (RAT) being advertised on the Dark Web and Telegram. The threat actors provide RAT versions…

Hackers stole cryptocurrency by exploiting a zero-day vulnerability in General Bytes Bitcoin ATM servers. When customers used the ATM to deposit or purchase cryptocurrency, the funds were siphoned off by the hackers. General Bytes is a manufacturer of…

One of the UK's largest family-run car dealerships suffered a serious ransomware attack last month, which resulted in data theft and the damage "beyond repair" of some core systems.  Holdcroft Motor Group was hit with a ransom demand after hackers…

The cyber risk intelligence company Cyble has discovered a new Remote Access Trojan (RAT) malware dubbed Borat RAT. RAT malware typically assists cybercriminals in gaining complete control of a victim's system, granting them access to network resources,…

Tanmay Ghai, a research engineer in the Networking and Cybersecurity Division at the University of Southern California's Information Sciences Institute (ISI) and a recent ISI alumnus, won the Viterbi Master's Student Award for Best Research in the…

Edge computing powered by Artificial Intelligence (AI) is already pervasive as drones, smart wearables, and industrial Internet of Things (IoT) sensors contain AI-enabled chips. This enables computing to take place at the "edge" of the Internet, where…

The US Department of Energy (DOE) has announced a $45 million investment to develop, accelerate, and test technology that will protect the electric grid from cyberattacks. Cybersecurity threats to American energy systems have the potential to disrupt…

A new initiative has been launched to help leaders of UK small and medium-sized enterprises (SMEs) protect their businesses from cyberattacks and to avoid the potentially disastrous consequences of a data breach. According to the Cyber Security Breaches…

Application Programming Interface (API) security is where many security teams fall short. There are so many apps and services that rely on APIs in today's increasingly remote, modern work environments that analysts struggle to discover and secure them.…

Slack disclosed that a five-year-old Slack bug shared users' hashed passwords when they interacted with the vulnerable invitation feature. When users created or revoked a shared invitation link, the bug transmitted their hashed passwords to other group…