According to a new study conducted by Cyren, enterprise email perimeter protections are often ineffective in blocking well-crafted email attacks. In one month, an average of 75 malicious messages per 100 mailboxes pass through email security filters such…

Security researchers at Lookout have analyzed a sophisticated Android spyware family that appears to have been created to serve nation-state customers.  The spyware was dubbed Hermit and appears to be the first publicly identified mobile spyware…

Researchers at the security product recommendation service Safety Detectives reported discovering data on nearly a million customers exposed on an Elasticsearch server run by the Malaysian point-of-sale (POS) software vendor StoreHub. According to Safety…

Security researchers at PIXM security have analyzed a well crafted phishing message sent via Facebook Messenger that ensnared 10 million Facebook users and counting.  The researchers noted that the scam is still active and continues to push victims…

A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could enable threat actors to bypass security measures and log into endpoints with non-default configurations. According to a Cisco advisory, the company…

A "dangerous piece of functionality" in the Microsoft 365 suite has been uncovered that might be used by a malicious actor to hold assets stored on SharePoint and OneDrive at ransom as well as execute attacks on cloud infrastructure. According to…

A threat actor called 'Blue Mockingbird' is exploiting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by taking over system resources. The attacker exploited CVE-2019-18935, a critical severity (CVSS v3.1…

Citrix is advising users of its Application Delivery Management (ADM) solutions to update their systems to protect themselves from two newly discovered vulnerabilities tracked under CVE-2022-27511 and CVE-2022-27512. The first vulnerability could allow…

The Shoprite Group, one of the largest supermarket chains in Southern Africa, has been infected with ransomware. The chain recently issued a statement announcing the cyberattack for which the RansomHouse ransomware group claimed responsibility. The…

A team of researchers from Purdue University, the University of California, Santa Barbara, and Swiss Federal Institute of Technology Lausanne (EPFL) received a $3.9 million grant from the Defense Advanced Research Projects Agency (DARPA) in support of…

A team of researchers from North Carolina State University and Dokuz Eylul University demonstrated the first side-channel attack on homomorphic encryption, which could be used to leak data while the encryption process is in progress. They were not able…

According to an investigation by Cybernews, free VPN software provider BeanVPN has reportedly left almost 20GB of connection logs accessible to the public.  Cybernews stated that the cache of 18.5GB connection logs allegedly contained more than 25…