A new Cisco Talos Intelligence Group report reveals new tools used in Avos ransomware attacks. Avos is a ransomware group that has been active since July 2021. The group follows the Ransomware-as-a-Service (RaaS) business model, meaning they provide…

According to Google's threat analysis team, hacking tools developed in Italy were used to spy on Apple and Android smartphones in Italy and Kazakhstan, shedding light on a thriving spyware industry. Spyware developed by RCS Lab targeted the phones using…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning pertaining to threat actors, including state-backed hacking groups, using the Log4Shell Remote Code Execution (RCE) vulnerability to hack…

The Biden administration continued its efforts to fortify US cyber defenses by signing two bills into law, both with the goal of facilitating the free flow of cybersecurity expertise and resources between federal agencies and down to municipalities in…

The Conti cybercrime group has become highly organized, running one of the most aggressive ransomware operations. As a result, affiliates were able to breach over 40 firms in a month. Security researchers dubbed the hacking operation ARMattack and…

A cybersecurity professor at the University of Nebraska at Omaha (UNO) is leading research aimed at protecting against hackers and cyber criminals who may target Nebraska's agricultural industry and beyond, from farmers in the fields to large-scale…

According to a study by the security vendor strongDM that polled 600 IT, security, and DevOps workers, access restrictions meant to secure corporate systems may have the adverse effect of causing employees to find workarounds and share credentials with…

Amazon is developing new technology for its voice assistant Alexa, which will be able to mimic any human's voice, dead or alive, using less than a minute of recorded audio.  At a conference in Las Vegas, Amazon's senior vice president and head…

Researchers at ETH Zurich found a number of critical security vulnerabilities in the MEGA cloud storage service that could allow malicious actors to break the confidentiality and integrity of user data. The researchers explain how MEGA's system does not…

Google recently released Chrome 103 to the stable channel with patches for 14 vulnerabilities, including nine reported by external researchers.  The most severe vulnerability is CVE-2022-2156, which is described as a critical-severity use-after-free…

A Chinese hacking group has been observed using a low-tech but effective method to steal money from Web3 wallets, which involves distributing altered versions with holes programmed into them. The hackers cloned legitimate wallet distribution sites,…

The city of Amagasaki in western Japan recently discovered that it had lost a USB flash drive containing the personal information of its roughly 460,000 residents.  The lost data included the residents' names, addresses, and dates of birth, as well…