A Persian-speaking threat group has been targeting healthcare, energy, and other industries, with an emphasis on the shipping industry. According to a Mandiant report, which identifies the group as UNC3890, the campaign conceals its activity by using…

A team of researchers from various companies has analyzed Electron-based desktop applications and discovered vulnerabilities in several widely used pieces of software.  The researchers stated that Electron is a free and open source framework for…

The Pentagon will deploy local, self-contained electric grids, or microgrids, to 134 Army bases. But first, they put the technology to the test at DefCon, looking for hackers' assistance in identifying potentially crippling vulnerabilities so they can…

Women from across the country recently joined leaders from USCYBERCOM and National Security Agency (NSA) at the NSA's cutting-edge Cybersecurity Collaboration Center (CCC) to learn about the Agency's mission and shed light on the future of cybersecurity…

The US Securities and Exchange Commission (SEC) recently announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.  As part of the scheme, the participating individuals allegedly…

A Chrome 104 update recently announced by Google patches 11 vulnerabilities, including a zero-day that has been exploited in attacks.  Google described the exploited flaw as a high-severity issue related to insufficient validation of untrusted input…

According to a report released by the IT company Okta, government agencies are ahead of corporations in adopting and implementing zero trust security architecture. The report reveals that 72 percent of government organizations are already using a zero…

Honeywell noted in its 2022 Industrial Cybersecurity USB Threat Report that USB storage drives can be used to transport malicious files into and out of industrial facilities. These drives can be used to infect computers with malware or to compromise…

Multiple vulnerabilities in ultra-wideband (UWB) real-time locating systems (RTLS) can allow threat actors to conduct man-in-the-middle (MiTM) attacks and manipulate tag geo-location data. RTLS technology is widely used in manufacturing, public…

According to the Identity Theft Resource Center (ITRC), Google Voice scams led the way in what was a record year for identity-related fraud in 2021.  The ITRC said it received 14,947 reports from consumers during the year, a 26% increase from 2020…

Security researchers at IBM X-Force have found that removable media represents the second greatest threat to operational technology (OT) systems so far this year.  The researchers also found that phishing was the number one initial access vector for…

Xiaomi, the world's third-largest phone manufacturer after Apple and Samsung, announced the patching of a high-severity flaw in its "trusted environment" used to store payment data, which exposed some of its handsets to attacks. Check Point Research…