According to new Microsoft research, two of the most prolific affiliate threat organizations, DEV-0237 and DEV-0504, which have been linked to various ransomware families, including Hive, Conti, and Ryuk, are now using the BlackCat Ransomware-as-a-…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory on protection against cyber threats…

SAP, a business software and solutions provider, recently released several new security notes on its June 2022 security patch day.  In particular, the document outlined ten new notes and two updated ones.  One vulnerability mentioned in SAP's…

Around March 2022, a new peer-to-peer botnet called Panchan emerged in the wild, mining cryptocurrencies on Linux computers in the education sector. Panchan is equipped with SSH worm functions such as dictionary attacks and SSH key abuse, allowing rapid…

On March 29, the FBI issued a warning about an ongoing and extensive phishing campaign aimed at US election officials. Since October 2021, attackers have attempted to obtain officials' login credentials in at least nine states by using fake invoice…

Security researchers at Digital Shadows Photon Research stated that passwordless technology might be one of the most hyped categories in cybersecurity at the moment, but the reality on the ground is that passwords are still widely entrenched and wildly…

A hacktivist group named DragonForce Malaysia has claimed responsibility for attacking and defacing at least 70 Indian government and private sector websites. According to the Times of India, the group claims the attacks are an act of retaliation for…

Splunk recently announced the release of out-of-band patches that address multiple vulnerabilities across Splunk Enterprise, including a critical issue that could lead to arbitrary code execution.  Splunk uses Splunk Enterprise deployment servers to…

A team of academic researchers from the University of Texas at Austin, the University of Illinois Urbana-Champaign, and the University of Washington have identified a new side-channel method that can allow hackers to remotely extract sensitive…

Security researchers at Imperva found that account takeover (ATO) attacks targeting the financial services sector surged 58% from April to May this year, raising fears that fraudsters are focusing more on buy now, pay later (BNPL) schemes.  The…

Security researchers at Intel 471 are warning that the post-COVID upsurge in travel has painted a bullseye on the travel industry and has spurred related cybercrimes.  The researchers have seen an uptick in adversaries targeting the theft of airline…

According to MIT researchers, analog-to-digital converters contained by smart devices, which encode real-world signals from sensors into digital values that can be processed computationally, are vulnerable to electromagnetic side-channel attacks. A…