Group-IB security experts have uncovered a new global cyberespionage phishing campaign aimed at harvesting users' personal and financial information. The malicious campaign has been targeting users in more than 90 countries, including South Korea, Italy…

The UK's National Crime Agency (NCA) donated over 225 million passwords found during the course of its crime-fighting, to Have I Been Pwned (HIBP). HIBP is a free service used to check credentials stolen or leaked through past data breaches. The service…

Consumers have been warned to stay vigilant of delivery scam texts while online shopping for Christmas.  Security researchers at Proofpoint found that delivery ‘smishing’ scams are surging amid the busiest shopping period of the year.  Over…

Researchers at the Horst Görtz Institute for IT Security at Ruhr-Universität Bochum are exploring how data generated using Artificial Intelligence (AI), known as deepfakes, can be distinguished from real data. Deepfakes refer to synthetic media,…

A three-hospital health system in West Virginia has become the victim of a business email compromise (BEC) scam that began with a phishing attack.  Monongalia Health System, Inc. (MHS) had no idea that its cybersecurity defenses had been penetrated…

Cybersecurity leaders from the US, Australia, Canada, New Zealand, and the UK have issued a new Log4j advisory. The guide covers technical details, mitigations, and resources for addressing vulnerabilities in the Apache Log4j software library. This is a…

Researchers from Sophos Labs have discovered the use of a novel exploit that can bypass a patch for a critical vulnerability impacting the Microsoft Office file format. Attackers weaponized a publicly available proof-of-concept Office exploit to deliver…

During the "Shift Left and Extend Right" trend, developers are finding that they need to implement stronger security practices into their processes. Idan Plotnik, the co-founder and CEO of Apiiro, an application risk management platform provider, has…

Researchers from Venafi have found that nearly two-thirds (60%) of security professionals believe the threat of ransomware should be treated with the same urgency as terrorism.  The survey of 1500 IT security decision-makers from the UK, US,…

Ubisoft has admitted that data on some players may have been taken after a breach of its IT systems stemming from human error.  The French gaming giant stated that the misconfiguration of its IT infrastructure was quickly identified, but not before…

Security researchers with Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could be exploited to allow remote attackers to evade authentication requirements, alter metal detector setups, and execute…

Security researchers at F-Secure identified a vulnerability in a home test for COVID-19. The exploitation of this flaw could allow a malicious actor to alter test results, changing them from positive to negative or vice versa. According to the…