A cybercriminal group called OldGremlin has returned after a hiatus of more than one year. The group is known to be highly skilled in running carefully planned and scattered campaigns. OldGremlin is different from other ransomware operations because of…

Researchers at Check Point have identified a vulnerability in the Rarible Non-Fungible Token (NFT) marketplace, which could have resulted in nearly two million active users losing their NFTs in one transaction. An NFT is defined as a unit of data stored…

An advisory, recently published jointly by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, NSA, and the Department of Energy, warns that threat actors have developed a custom toolkit that enables them to scan for, compromise, and…

The Department of Justice (DOJ) seized the popular online cybercriminal marketplace RaidForums.  The takedown is the latest massive sweep by the U.S. government and international law enforcement partners of online marketplaces where hackers buy and…

A high-severity Remote Code Execution (RCE) vulnerability previously discovered in the Spring framework has been exploited by hackers since April to deploy the Mirai botnet malware on vulnerable devices in a likely attempt to execute Distributed Denial-…

Last week, Hawaii-based agents with Homeland Security Investigations (HSI), an arm of the Department of Homeland security (DHS), “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable…

An interdisciplinary group of researchers from Florida International University and the University at Albany will co-lead a new $1.5 million virtual institute aimed at training the next generation of cybersecurity professionals for military and civilian…

Microsoft has released patches for 128 CVE-numbered vulnerabilities. One of the vulnerabilities is a zero-day that has been exploited in the wild. A Proof of Concept (PoC) and a Metasploit module is already available for another vulnerability. The zero-…

The industrial technology giant ABB is working on patches for high-severity vulnerabilities affecting Symphony Plus SPIET800 and PNI800, which are network interface modules implemented to enable communications between a control network and a host…

Security researchers from cybersecurity vendor ESET in collaboration with the Ukrainian Computer Emergency Response Team (CERT-UA), have found that a Ukrainian energy supplier was targeted by a new variant of Industroyer malware named Industroyer2.…

Security researchers at Digital Shadows have discovered that the number of ransomware leak victims dropped by over a quarter between the end of 2021 and the first three months of 2022.  The threat intelligence vendor observed 582 organizations…

Engineering professor Kassem Fawaz and graduate student Yucheng Yang at the University of Wisconsin-Madison conducted an analysis of the way in which popular videoconferencing apps collect data. They discovered that at least one of the apps collects all…