Findings from the IT security firm Barracuda Networks reveal that adversaries use HTML attachments the most in cyberattacks. Olesia Klevchuk, Principal Product Marketing Manager for email security at Barracuda Networks, pointed out that these attacks are…

Fortinet recently published security advisories to inform customers about vulnerabilities affecting several of the company's products.  The cybersecurity firm's latest batch of monthly advisories describes roughly a dozen vulnerabilities identified…

Security researchers at Cisco’s Talos threat intelligence and research unit have identified several critical vulnerabilities in a widely used industrial cellular IoT gateway made by Chinese company Robustel.  The affected product is the R1510 router…

In a new campaign, hackers are abandoning the Cobalt Strike post-exploitation toolkit in favor of Brute Ratel C4 (BRc4). BRc4 is the latest upstart in the world of red-team tooling. It is an adversarial attack simulation tool designed for penetration…

A newly discovered Linux malware, dubbed OrBit by Intezer Labs, is being used to steal information from backdoored Linux systems and infect all running processes. OrBit hijacks shared libraries to intercept function calls by modifying the LD PRELOAD…

Russian users of Google Chrome, Opera, and Mozilla Firefox browsers are the target of an adware campaign involving a malicious browser extension with 350 variations disguising itself as a Google Translate add-on. The extensions are installed onto a…

Customers of the network-attached storage (NAS) company QNAP were urged to safeguard their equipment from cyberattacks involving the data-encrypting Checkmate ransomware. Attacks are mostly focused on accounts with weak passwords that are easy targets…

Researchers from Ruhr-Universität Bochum (RUB), Westfälische Hochschule, and the Max Planck Institute for Security and Privacy in Bochum, in collaboration with an industry partner, analyzed the security and privacy of 42 daycare apps from Europe and the…

The existing public-key cryptography, which is susceptible to quantum-based attacks, will be replaced by a new post-quantum cryptographic standard, according to the National Institute of Standards and Technology (NIST). The term "post-quantum…

Security researchers at Salt Labs found that a cryptocurrency wallet service provider serving over 2 million users worldwide and managing about $3 billion worth of Bitcoin contains API vulnerabilities tied to how external authentication logins were…

The US Department of Defense (DoD) unveiled an experimental bug bounty program on July 4th, offering cash prizes to white hat hackers. Since 2016, the Pentagon has experimented with accepting vulnerability reports from security researchers. Most recently…

Small businesses are often more vulnerable to cyberattacks because they lack the time, resources, and, in some cases, skills to prepare for and defend against an attack, as well as to mitigate and remedy any consequences. Therefore, the Australian…