Microsoft has confirmed that Windows is affected by a zero-day vulnerability after researchers warned of exploitation in the wild. The vulnerability is now tracked as CVE-2022-30190. A researcher who uses the online moniker “nao_sec” recently reported…

Researchers at SafetyDetectives recently discovered that a low-cost Turkish airline accidentally leaked personal information of flight crew alongside source code and flight data after misconfiguring an AWS bucket.  The researchers found the cloud…

The cyber division of the Federal Bureau of Investigation (FBI) has recently warned universities and colleges located in the U.S. that higher education credentials have been advertised for sale on online criminal marketplaces and publically accessible…

A "zero-trust" approach is the current best practice in secure technology architecture followed by large businesses and organizations. Zero-trust security is an approach that requires users to prove their authenticity every time they access data or a…

A team of researchers from the Indian Institute of Science (IISc) has developed a record-breaking True Random Number Generator (TRNG) to improve data encryption and provide enhanced security for sensitive digital data such as credit card details,…

The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a new five-step 5G Security Evaluation Process to help companies improve their security posture before deploying new 5G applications.  The new guidelines include…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) issued a warning in late March that critical US infrastructure sectors could be targeted by Russian cyberattacks. The rapid development of new information and…

Bug hunters at Microsoft have discovered several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The researchers warn that exploitation could have allowed the implantation of a persistent backdoor on Android…

Twitter has agreed to pay a $150m fine to settle a federal privacy suit over privacy data violations.  Twitter reportedly was collecting phone numbers and email addresses for account security measures and then using the information for advertising…

The Fronton botnet can do far more than execute Distributed Denial-of-Service (DDoS) attacks. It can also track social media trends and launch fitting propaganda. The Fronton DDoS-focused botnet first made headlines in March of 2020, when a hacktivist…

Google's Chrome team is exploring the use of heap scanning to decrease memory-related security flaws in Chrome's C++ codebase, but the method takes up a lot of memory unless newer ARM hardware is used. Google cannot simply replace Chrome's existing…

Identity-based attacks and living-off-the-land (LotL) behaviors were the top two threats to organizations in 2021, according to a report recently released by Blumira. The new data was derived from an analysis of Blumira's security detections across 230…