Women from across the country recently joined leaders from USCYBERCOM and National Security Agency (NSA) at the NSA's cutting-edge Cybersecurity Collaboration Center (CCC) to learn about the Agency's mission and shed light on the future of cybersecurity…

The US Securities and Exchange Commission (SEC) recently announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.  As part of the scheme, the participating individuals allegedly…

A Chrome 104 update recently announced by Google patches 11 vulnerabilities, including a zero-day that has been exploited in attacks.  Google described the exploited flaw as a high-severity issue related to insufficient validation of untrusted input…

According to a report released by the IT company Okta, government agencies are ahead of corporations in adopting and implementing zero trust security architecture. The report reveals that 72 percent of government organizations are already using a zero…

Honeywell noted in its 2022 Industrial Cybersecurity USB Threat Report that USB storage drives can be used to transport malicious files into and out of industrial facilities. These drives can be used to infect computers with malware or to compromise…

Multiple vulnerabilities in ultra-wideband (UWB) real-time locating systems (RTLS) can allow threat actors to conduct man-in-the-middle (MiTM) attacks and manipulate tag geo-location data. RTLS technology is widely used in manufacturing, public…

According to the Identity Theft Resource Center (ITRC), Google Voice scams led the way in what was a record year for identity-related fraud in 2021.  The ITRC said it received 14,947 reports from consumers during the year, a 26% increase from 2020…

Security researchers at IBM X-Force have found that removable media represents the second greatest threat to operational technology (OT) systems so far this year.  The researchers also found that phishing was the number one initial access vector for…

Xiaomi, the world's third-largest phone manufacturer after Apple and Samsung, announced the patching of a high-severity flaw in its "trusted environment" used to store payment data, which exposed some of its handsets to attacks. Check Point Research…

Tamper protection in Microsoft Defender for Endpoint on macOS is now generally available, according to Microsoft. Tamper protection enables administrators who work with Apple hardware in their environment to prevent unauthorized removal of Microsoft…

RedAlpha, a Chinese state-sponsored threat activity group, has been linked to a multi-year credential theft campaign targeting global humanitarian, think tank, and government organizations. RedAlpha most likely attempted to gain access to email accounts…

The 2022 USENIX Security Symposium Test of Time Award was given to University of Michigan researchers for their 2012 study, "Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices." The paper, written by Professor J. Alex Halderman,…