Malware authors often leverage vulnerabilities contained by software. However, malware could also have bugs and coding errors that cause it to crash or serve as backdoors for white hat hackers. Zscaler researchers studied the types of vulnerabilities…

A cross-site leak (XSLeak) flaw has been discovered in the file-sharing feature of Slack's web application by a security researcher named Julien Cretel. According to Cretel, the exploitation of the vulnerability could allow threat actors to identify…

The FIN7 hacking group, also known as Carbanak, is now creating fake cybersecurity companies that perform network attacks under the guise of penetration testing. FIN7 has been involved in cyberattacks and campaigns aimed at stealing money since 2015,…

Cybersecurity researchers at Kaspersky released research on Russian-speaking cybercriminal activity and how it has changed over the past six years.  The researchers found that historically favored attacks targeting banks and other financial…

The US government has issued new rules designed to prevent the export of hacking and surveillance tools to regimes guilty of human rights abuses.  The new rules were released by the Commerce Department’s Bureau of Industry and Security (BIS) and…

The U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) awarded $2 million to NPower and CyberWarrior in support of the development of cyber workforce training programs. The two organizations will focus on…

The White House had a series of virtual meetings with representatives from more than 30 countries to discuss the growing security threat posed by ransomware. The United States, together with other participating nations, pledged to tackle ransomware…

The Space Information Sharing and Analysis Center (Space ISAC) and the NY Metro InfraGard Members Alliance (NYM-IMA) will work together to strengthen cybersecurity in space. The organizations signed a Memorandum of Understanding, thus allowing them to…

Researchers at Neustar International Security Council (NISC) found that nearly three-quarters (72%) of organizations have suffered a domain name system (DNS) attack in the last 12 months.  Of those organizations affected, 61% were targeted on…

Researchers at Check Point have discovered new multi-function malware abusing the core functions of popular group app platform Discord. The researchers found several malicious GitHub repositories featuring malware based on the Discord API and malicious…

Academic researchers have developed a new fingerprint-capturing and browser-spoofing attack dubbed Gummy Browsers. According to the researchers, this attack is easy to perform and can have severe consequences. A digital fingerprint serves as a unique…

Security researchers at Akamai analyzed 10,000 malicious JavaScript samples that represent threats such as malware droppers, phishing pages, scammers, cryptomining malware, and more. The analysis revealed that at least 25 percent of the samples used…