Russian-based cyber crime group attacks Costa Rica's state computer systems as new President Rodrigo Chaves transitions into office. Six state public institutions were attacked this week, with demands of $10 million for stolen or encrypted data from…

Github, a code-hosting platform used by tens of millions of software developers worldwide, is implementing mandatory two-factor authentication (2FA) for all code contributors.  Github announced that all users who upload code to the site will need to…

The National Institute of Standards and Technology (NIST) has updated its foundational Cybersecurity Supply Chain Risk Management (C-SCRM) guidance, which aims to help organizations protect themselves as they obtain and use new technology products and…

Apple, Microsoft, and Google announced plans to support the FIDO Alliance and World Wide Web Consortium (W3C) standard, making it easier for websites and apps to deliver end-to-end passwordless authentication via fingerprint/face scan or device PIN.…

A team of researchers at Carnegie Mellon University's CyLab has been studying privacy nutrition labels for more than a decade. Therefore, when Apple introduced privacy labels in their app store, the researchers wanted to find out whether the labels…

A cyberattack that compromised the personal data of hundreds of thousands of students in New York has also affected additional students based in Colorado.  The cyberattack occurred at California-based software company and New York City vendor…

A ransomware group believed to have strong ties within Russia recently stated that it will release files it took from the Bulgarian government agency responsible for refugee management. Bulgaria is a nation that has reportedly hosted hundreds of…

A team of researchers from China and the UK has developed an Intelligent Reflecting Surface (IRS) method to bolster the security of communications systems. Their IRS-aided technique can be used to increase the security of communication in scenarios…

A new Advanced Persistent Threat (APT) organization, now known as UNC3524, has been compromising business networks to obtain Exchange (on-premise and online) emails from personnel who are involved in mergers, acquisitions, and other corporate…

NetDooka is a new malware framework that has been observed being spread through the PrivateLoader pay-per-install (PPI) malware distribution service, which allows malicious actors to gain full access to an infected device. The malware framework contains…

Security researchers at email security firm Inky have discovered that more than 1000 phishing emails were sent from compromised National Health Service (NHS) inboxes over a six-month period.  The researchers noted that the campaign started around…

South Korea has become the first Asian nation to join NATO’s Cooperative Cyber Defense Centre of Excellence (CCDCOE).  The country’s National Intelligence Service (NIS) made the announcement today.  NIS will represent South Korea in the center’…