Google recently published a security bulletin describing the latest round of patches for the Android operating system.  Three dozen vulnerabilities have been fixed, including a critical issue that can be exploited for remote code execution over…

The US authorities have recently indicted a Russian national for allegedly orchestrating a Kremlin-backed “malign influence campaign” designed to sow discord and interfere in elections.  Aleksandr Viktorovich Ionov is accused of conspiring with at…

Venafi has released findings from a dark web investigation into the spread of ransomware via malicious macros. Between November 2021 and March 2022, Venafi collaborated with the criminal intelligence provider Forensic Pathways to analyze 35 million dark…

On July 25th, Encevo group, an energy supplier based in Luxembourg, stated that its subsidiaries had been breached in a ransomware attack.  They are currently investigating the extent of the damage done.  It has now been discovered that the…

Security researchers have discovered a new vulnerability dubbed ParseThru that affects Golang-based applications and can be exploited to gain unauthorized access to cloud-based applications. According to the cybersecurity firm Oxeye, the newly discovered…

Bookmark synchronization has become a standard feature in modern browsers as it allows Internet users to ensure that the changes they make to bookmarks on one device are reflected on all of their devices at the same time. However, the same useful browser…

Researchers discovered 3,207 mobile apps that expose Twitter API keys to the public, potentially allowing a threat actor to hijack users' connected Twitter accounts. The discovery was made by CloudSEK, a cybersecurity firm that examined various apps for…

Researchers with the Mineta Transportation Institute (MTI) urge transit agencies to implement a unified risk management strategy as well as regulators to provide more guidance. According to a recent MTI report, transit agencies are unprepared for hacks…

Researchers discovered that Log4j vulnerabilities are now being used to deploy Cobalt Strike beacons via the Windows Defender command line tool. Sentinel Labs cybersecurity researchers recently discovered the new method used by an unknown threat actor,…

Using a $7.5 million National Science Foundation (NSF) grant, University of Florida (UF) engineers are leading a new effort to understand how current technologies such as smartphones and video conferencing marginalize groups such as the poor, children…

According to researchers from Palo Alto Networks, attackers play favorites when looking at which software vulnerabilities to target.  The researchers stated that nearly one in three, or 31%, of incidents analyzed by Unit 42 in its 2022 "Incident…

Security experts at Zscaler have analyzed the new variant of the known Raccoon Stealer malware.  The researchers stated that the latest version of the malware is written in C, unlike previous versions, which were mainly written in C++.  Raccoon…