The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail the top malware strains of 2021. The ACSC and CISA have been monitoring ransomware, rootkits, spyware…

The NHS is currently battling a ransomware attack that has disrupted patient referrals, appointment bookings, and other operations.  The health service is working through its incident response process after managed service provider Advanced first…

Twitter recently revealed that a zero-day vulnerability in Twitter's code base was responsible for a major data breach that is thought to have affected 5.4 million users.  Twitter stated the threat actor who exploited the vulnerability is hoping to…

According to researchers from Germany's University of Passau, the way apps fingerprint user behavior poses a greater risk to user privacy than browser fingerprinting. The researchers claimed in a preprint published on arXiv that fingerprints in hybrid…

Sen. Maggie Hassan, D-NH, has introduced legislation that aims to strengthen small businesses' cybersecurity posture by providing funding to Small Business Development Centers assisting businesses with security. The Small Business Cybersecurity Act would…

The US Coast Guard intends is planning to invest $93 million in fiscal year 2022 to upgrade its IT systems and infrastructure in order to address long-standing problems. However, according to a new report from the Government Accountability Office (GAO),…

Workplace productivity software giant Slack recently forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials.  Slack alerted users to the issue via email and followed up with a…

Researchers at ReversingLabs discovered a new ransomware family targeting Linux-based systems in South Korea.  Dubbed GwisinLocker, the malware was detected by researchers on July 19 while undertaking successful campaigns targeting firms in the…

The US Cybersecurity and Infrastructure Security Agency (CISA) recently informed organizations that a recently patched vulnerability affecting the Zimbra enterprise email solution has been exploited in attacks.  The security hole is tracked as CVE-…

The US Department of Homeland Security (DHS) issued a warning that attackers could use critical security flaws in unpatched Emergency Alert System (EAS) encoder/decoder devices to send fake emergency alerts over TV and radio networks. In the event of a…

Cybersecurity experts at Deepwatch spotted activity from threat actors that "highly likely" exploited a security flaw in the Atlassian Confluence server (CVE-2022-26134) to deploy a new backdoor dubbed "Ljl" against several unnamed organizations.  …

Dark Utilities is a new service that has already attracted 3,000 users because of its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems. It is marketed as a way to enable remote access, command…