Estonia moved to boost cybersecurity in 2007 after suffering extensive attacks on public and private websites that it blamed on Russians angry at its removal of a Soviet-era statue.  An Estonian government official recently stated that Estonia has…

The North Korean Advanced Persistent Threat (APT) group Lazarus is back with a cyberespionage campaign targeting engineers via a fake job posting that attempts to spread macOS malware. The campaign's malicious Mac executable targets both Apple and Intel…

Attackers could have exploited a vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, to extract users' personal data and device data, including…

Bumblebee, a malware loader, is increasingly being used by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. According to Cybereason researchers Meroujan…

DarkTortilla is a highly pervasive .NET-based crypter that has been flying under the radar since around 2015 and can deliver various malicious payloads. It continues to evolve rapidly, with nearly 10,000 code samples uploaded to VirusTotal over a 16-…

A hacker by the name of "Sick Codes" demonstrated a new jailbreak for a John Deere tractor at DefCon, which enabled him to control a tractor model through its display. Following the presentation of the exploit at DefCon, it quickly gained attention from…

Apple recently rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.  Apple confirmed in-the-wild exploitation of the vulnerabilities in separate advisories warning about code…

RMIT University is a partner in SELFY, a new European research project aimed at improving the safety of digitally connected vehicles. By 2026, approximately 50 million connected and autonomous cars are expected to circulate in Europe as part of a…

The world’s largest vendor-agnostic bug bounty program  Zero Day Initiative (ZDI), has warned that poor quality vendor patching is exposing organizations to unnecessary extra risk and could be costing them upwards of $400,000 per update.  Trend…

A Persian-speaking threat group has been targeting healthcare, energy, and other industries, with an emphasis on the shipping industry. According to a Mandiant report, which identifies the group as UNC3890, the campaign conceals its activity by using…

A team of researchers from various companies has analyzed Electron-based desktop applications and discovered vulnerabilities in several widely used pieces of software.  The researchers stated that Electron is a free and open source framework for…

The Pentagon will deploy local, self-contained electric grids, or microgrids, to 134 Army bases. But first, they put the technology to the test at DefCon, looking for hackers' assistance in identifying potentially crippling vulnerabilities so they can…