A new Android banking malware called Revive impersonates the two-factor authentication (2FA) application required to access BBVA bank accounts in Spain. Rather than infecting customers of various financial institutions, this Trojan has a more focused…

Because of the lack of a Common Vulnerability Enumeration (CVE) program, such as the one maintained by MITRE for publicly disclosed software security issues, organizations have traditionally struggled to track vulnerabilities in public cloud platforms…

Cybersecurity advancements made by the Georgia Tech Research Institute (GTRI) in collaboration with the US Navy could soon help strengthen protection for the Automated Identification System (AIS), which is used to track and identify commercial and…

The National Institute of Standards and Technology (NIST) has published the final version of Special Publication (SP) 800-219, called "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." This document delves into…

On Monday, a cyberattack temporarily knocked out public and private websites in Lithuania, with a pro-Moscow hacker group reportedly claiming responsibility.   A distributed-denial-of-service (DDOS) attack targeted a secure national data network.…

The US House of Representatives has recently passed a new cybersecurity bill named the “Industrial Control Systems Cybersecurity Training Act. Specifically, the Industrial Control Systems Cybersecurity Training Act would amend the Homeland Security Act…

Dr. Mythili Menon, assistant professor of English and linguistics and director of linguistics at Wichita State University (WSU), was recently awarded $296,470 as part of the National Science Foundation's Early-concept Grants for Exploratory Research (…

The UK government is urging the cybersecurity industry to submit feedback on new proposals to place new security requirements on app store operators and developers.  The consultation period for the plans ends at 11.45 pm BST on Wednesday, June 29,…

Security researchers have analyzed Black Basta ransomware and stated that it had become a significant new threat in just a couple of months.  Evidence suggests it was still in development in February 2022 and only became operational in April 2022.…

Resecurity, Inc. (USA) has discovered an increase in phishing content delivered via Azure Front Door (AFD), a Microsoft cloud CDN service. In one of the malicious campaigns, the identified resources impersonated various services that appeared to be…

The Federal Trade Commission (FTC) recently announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up.  CafePress is an online…

A new phishing method uses Microsoft Edge WebView2 applications to steal authentication cookies from victims, enabling threat actors to log into stolen accounts, bypassing multi-factor authentication (MFA). Stolen login credentials are widely available…