Researchers at the firmware security company Binarly discovered 16 new high-severity flaws in multiple implementations of the Unified Extensible Firmware Interface (UEFI) firmware that impacts several HP corporate devices. The flaws discovered in HP's…

Hacking experts at Carnegie Mellon's CyLab run an annual free online cybersecurity competition called picoCTF. The competition introduces the cybersecurity realm to young students in order to help build a talented cyber workforce. This year, the…

Fall 2021 SoS Quarterly Lablet Meeting  

Researchers at Google's Threat Analysis Group (TAG) stated that while Russia is fighting a physical war on the ground against Ukraine, advanced persistent threat (APT) groups affiliated with or backing Vladimir Putin's government are ramping up phishing…

The White House's recent requirement for federal agencies to achieve a zero trust architecture is a great first step, but zero trust can't stop there.  The zero trust requirement is part of President Joe Biden's cyber plan and is directed to federal…

Researchers at Armis Research Labs have discovered a set of vulnerabilities in smart Uninterruptible Power Supply (UPS) devices. The vulnerabilities, discovered in APC Smart-UPS products and collectively dubbed TLStorm, could allow attackers to disrupt…

According to the US Federal Bureau of Investigation (FBI), the RagnarLocker ransomware group has compromised the networks of at least 52 organizations across ten critical infrastructure sectors. The federal law enforcement agency revealed that it had…

Research conducted by employees at CyberMDX, a medical device cybersecurity company recently acquired by Forescout, found that many Internet of Things (IoT) and medical devices are impacted by vulnerabilities in PTC’s Axeda agent. The Axeda agent is a…

A security incident at a nonprofit community hospital in Oklahoma may have exposed the personal data of more than 92,000 individuals.  Duncan Regional Hospital (DRH) discovered that access to some of its systems were mysteriously blocked on January…

Cybercriminals have broken into the network of South Korean tech giant Samsung Electronics and stole various source codes.  The source codes involved in the incident are related to the operation of the company’s Galaxy devices.  While the…

An undisclosed website has faced a days-long Distributed Denial-of-Service (DDoS) attack, which measured up to 2.5 million requests per second. According to researchers at Imperva, instead of the attackers contacting the victim separately, the attack…

The Threat Research team at Deep Instinct monitored the different volumes and types of cyberattacks and analyzed their findings to help predict the future of cybersecurity, determine attackers' motivations, and highlight the steps that organizations…