News
  • "Email is The Riskiest Channel For Data Security"
    New research from Tessian and the Ponemon Institute reveals that nearly 60% of organizations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months. More than half (67%) of IT security practitioners said…
  • "QNAP Warns of Deadbolt Ransomware Targeting NAS Devices"
    QNAP is alerting customers that attackers are using known vulnerabilities in previous versions of the company's software for some of its Network-Attached Storage (NAS) devices to launch Deadbolt ransomware. The company has published an advisory stating…
  • "Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act"
    The US Department of Justice (DoJ) has announced that its policy on violations of the Computer Fraud and Abuse Act (CFAA) has been revised. For the first time, the policy states that good-faith security research should not be charged. According to the…
  • "Two Business-Grade Netgear VPN Routers Have Security Vulnerabilities That Can’t be Fixed"
    Netgear has admitted that multiple security vulnerabilities in its business-grade BR200 and BR500 VPN routers can’t be fixed due to technical limitations outside of its control and is offering users a free or discounted replacement router. …
  • ""Alarming" Surge in Conti Group Activity This Year"
    Security researchers at Ivanti, Cyber Security Works, and Cyware have discovered that there was an “alarming” surge in activity by the Conti ransomware gang in the first three months of 2022. The researchers observed a 7.6% rise in the number of…
  • "Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines"
    Security researchers at SentinelLabs are calling attention to a software supply chain attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. The researchers dubbed the campaign,…
  • "Microsoft Detects Massive Surge in Linux XorDDoS Malware Activity"
    According to Microsoft, the activity of the stealthy and modular malware strain used by hackers to infiltrate Linux devices and build a Distributed Denial-of-Service (DDoS) botnet has increased by 254 percent in the last six months. This malware is…
  • "Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit"
    According to a new study published by experts from KU Leuven, Radboud University, and the University of Lausanne, users' email addresses are being exfiltrated to tracking, marketing, and analytics domains before they are sent and without prior consent…
  • "Unglitching the System: Advancement in Predicting Software Vulnerabilities"
    A new study conducted by researchers from Monash University proposes the most effective way to accurately predict vulnerabilities contained in software code and improve cybersecurity. Software vulnerabilities are common in all systems developed with…
  • "MITRE Creates Framework for Supply Chain Security"
    MITRE has developed a prototype framework for Information and Communications Technology (ICT) that defines and quantifies supply chain risks and security concerns, including software. The prototype framework called System of Trust (SoT) is essentially a…
  • "Phishers Add Chatbot to the Phishing Lure"
    Researchers at Trustwave SpiderLabs have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. The phishers hope that this reluctant acceptance of chatbots will help…
  • "Half of IT Leaders Store Passwords in Shared Docs"
    According to new research by identity management vendor Hitachi ID, nearly half (46%) of IT and security leaders still store corporate passwords in office documents like spreadsheets, exposing their organization to significant cyber risk. It is…