Biometrics help identify and authenticate a person by analyzing and measuring physical characteristics such as the face, voice, fingerprint, retina, and more. Biometric-based tools are increasingly supplementing or replacing password systems in the realm…

Researchers from the University of Tsukuba, Japan, propose the use of an alternative approach to text passwords, which involves using an enhanced graphical authentication method. They developed the "Estimating Your Encodable Distorted images" (EYEDi)…

Google's Threat Analysis Group discovered that two distinct sets of North Korean hackers were exploiting the same remote code execution vulnerability in the Chrome web browser.  One set of North Korean hackers targeted news media and IT…

Security researchers at Sectigo have found that 4.1 million websites globally are currently infected with malware.  According to the study, bot traffic accounted for 5.5 times more than human traffic in 2021, compared to 2020, with 2,306 weekly…

ESET researchers have spotted a cyberespionage campaign involving a previously undocumented Korplug variant by the Mustang Panda Advanced Persistent Threat (APT) group. The campaign takes advantage of the war in Ukraine and other European news…

HP has announced that over 200 of its printer models are impacted by a critical Remote Code Execution (RCE) vulnerability disclosed by researchers at the Pwn2Own hacking contest in 2021. The security vulnerability, tracked as CVE-2022-3942, is described…

Palo Alto Networks’ Unit 42 conducted an analysis of ransomware attacks launched in 2021, finding that large and highly organized cybercrime groups such as Conti are contributing to the increase in the overall cost of ransomware attacks. Cases handled by…

Security researchers at JupiterOne have discovered that stretched IT security teams threaten to become overwhelmed by the number of assets they must defend, especially those in the cloud. The security researchers analyzed 370 million assets at nearly 1,…

The United States and Canada held talks on Tuesday to explore how the countries could collaborate better to counter cross-border illegal activity, including cybercrime.  During the meeting, the countries have agreed to work together to improve…

The multiple programs running simultaneously on a device depend on data stored in the device's memory hardware. However, sensitive information may not be shared among all the programs, thus leaving the device exposed to a memory timing side-channel…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory warning critical infrastructure organizations about cyber risks associated with…

A recent report from the Managed Detection and Response (MDR) firm Red Canary brings further attention to the use of legitimate penetration testing tools such as Cobalt Strike, Impacket, and RMM by threat actors. Malicious actors have found it to be more…