Censys has announced that it mapped several servers involved in the MedusaLocker criminal network as proxies or ransomware victims by scanning the Internet for common red-teaming tools. In late June, the company published a report on the prevalence of…

Atlassian recently announced patches for two critical Servlet Filter vulnerabilities that impact multiple products across its portfolio.  Servlet Filters are pieces of Java code designed to intercept and process HTTP requests sent between a client…

The US Government has recently launched a new initiative to boost the number of people in cybersecurity-related apprenticeship programs, thereby tackling the well-publicized cyber-skills gap.  The Cybersecurity Apprenticeship Sprint campaign is…

Cisco recently announced the availability of patches for multiple vulnerabilities in Nexus Dashboard, including a critical-severity issue that could lead to the execution of arbitrary commands.  The Nexus Dashboard is a data center management…

Apple's security response team has recently pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS, and iPadOS platforms.  Apple noted that the patches cover numerous gaping memory safety flaws, some…

Researchers from TU Darmstadt and Zhejiang University in Hangzhou discovered that touchscreens on mobile devices can be attacked and manipulated via charging cables and power supply units. The researchers used charging cables and power adapters to launch…

'Lightning Framework' malware targets Linux systems and can be used to backdoor infected devices via SSH and deploy multiple types of rootkits. Lightning Framework, described as a "Swiss Army Knife" in a report published by Intezer, is a modular malware…

The Atlas Intelligence Group (AIG), also known as Atlantis Cyber-Army, has recently emerged with what appears to be a different and potentially trend-setting cybercrime model. According to Cyberint's researchers, the threat actor sells various services…

Security researchers at SynSaber found that 681 industrial control system (ICS) product vulnerabilities were disclosed in the first half of 2022 by the US Cybersecurity and Infrastructure Security Agency (CISA).  Slightly more than the first half of…

Evilnum, an Advanced Persistent Threat (APT) actor, is showing signs of activity targeted at European financial and investment sectors. Evilnum is a backdoor that allows malicious actors to steal data or load additional payloads, according to Proofpoint…

Researchers at Penn State developed a smart hardware platform or chip to mitigate energy consumption while bolstering security. Although software-based security modules are powerful, they have a number of limitations, so the researchers created a…

The Log4j vulnerabilities discovered in 2021 remain a threat to organizations globally. Therefore, the Cyber Safety Review Board (CSRB) issued a set of recommendations aimed at mitigating that risk and emphasizing the need for more funding to support the…