Recently at Black Hat USA 2022, Veracode announced the enhancement of its Continuous Software Security Platform with substantial improvements to its integrated developer experience.  Some of the new features include extended integrations to support…

A new blueprint developed by the Ransomware Task Force aims to provide the small and medium-sized businesses most vulnerable to ransomware attacks with a "common language" that can help leaders understand what must be done to prevent them. The "Blueprint…

According to a new report by the Managed Security Service Providers (MSSP) Nuspire, malware events increased by more than 25 percent, botnets doubled, and exploit activity increased by nearly 150 percent in the second quarter of this year. Based on…

Hackers-for-hire involve secret cyber experts or groups that specialize in infiltrating organizations to gather intelligence. They provide their services to people who are having difficulty breaking into an organization for various reasons, such as a…

Based on the evidence of active exploitation, the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its list of Known Exploited Vulnerabilities (KEV). One of them has been a zero-day bug…

According to the ExtraHop Benchmarking Cyber Risk and Readiness report, a significant percentage of organizations expose insecure or highly sensitive protocols, such as SMB, SSH, and Telnet, to the public Internet. Whether intentional or unintentional,…

Researchers from the Binary Analysis and Systems Security (BASS) group at USC Viterbi's Information Sciences Institute (ISI), in collaboration with Arizona State University, Cisco Systems Inc., and EURECOM, have developed a new approach for quickly…

There are still serious issues regarding online safety and ethics that can harm less experienced users. Researchers have built upon familiar human verification techniques to incorporate discrete learning into the process so users can learn about online…

Security researchers from Kaspersky have recently published a new advisory providing additional technical details and attribution findings regarding the Maui ransomware incident unveiled by the Cybersecurity and Infrastructure Security Agency (CISA) in…

A group of computer scientists discovered an architectural flaw in certain recent Intel CPUs that can be exploited to reveal SGX enclave data such as private encryption keys. It is referred to as AEPIC Leak because it affects the memory-mapped registers…

The United States has recently placed sanctions on Tornado Cash, a leading "crypto mixer" for transactions in virtual currency that US officials describe as a hub for laundering stolen funds, including by North Korean hackers. The Treasury stated that…

Mobile phones can be abused to enable stalking through location tracking, account compromise, and remote surveillance methods. Although experts can assist victims in detecting and recovering from this type of technology abuse, researchers at Carnegie…