In cybersecurity, "whaling" refers to cybercriminals targeting high-level executives to steal the most privileged information and obtain access to the most sensitive data. According to Tonia Dudley, strategic adviser at Cofense, these whaling attempts…

Researchers at Sonatype, SANS Institute, and an independent researcher have discovered that a popular Python package was compromised recently and replaced with a malicious version designed to help the attacker obtain AWS credentials.  The…

According to a new report by the United States Senate Committee on Homeland Security & Governmental Affairs, the US government lacks comprehensive data on ransomware attacks, including how much is lost in payments.  The report presented the…

Verizon's 2022 Data Breach Investigations Report (DBIR) revealed a growth in cyberattacks across all sectors, including healthcare. Verizon discovered a 13 percent spike in ransomware year-over-year, representing an increase that is more significant than…

A December cyberattack on a Canadian healthcare organization compromised a wide range of data, including patient information dating back to 1996 and personnel vaccination records from last year. Some of the compromised data came from a non-profit…

A new cybercrime group that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what…

According to Microsoft, card-skimming malware is increasingly using malicious PHP software on web servers to modify payment sites and avoid browser safeguards activated by JavaScript code. Card skimming has been fueled in recent years by Magecart malware…

Cisco recently informed its customers that it is aware of in-the-wild exploitation attempts targeting a new vulnerability affecting its IOS XR software.  The flaw, tracked as ​​CVE-2022-20821, was discovered by Cisco during the resolution of a…

General Motors (GM), a US automobile manufacturer, announced that it was hit by a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards.  GM said they detected the…

A team of researchers wrote a new paper outlining a new protocol for better privacy and security protections when exchanging cryptocurrencies. Currently, if two people or entities want to exchange one cryptocurrency for another, they can do so directly…

Researchers at Cardiff University have developed a new method for automatically detecting and killing cyberattacks on laptops, desktops, and smart devices in less than a second. The method, which uses Artificial Intelligence (AI) and Machine Learning (ML…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.