Threat actors have been conducting Domain Name System (DNS) tunneling to track when targets open phishing emails and click on malicious links. They are also applying the method to scan networks for vulnerabilities.

Cyberattackers launching "Mallox" ransomware, also known as "Fargo," "TargetCompany," and "Mawahelper" have applied sophisticated methods, as shown by a recent Microsoft SQL (MS-SQL) honeypot incident.

A recent data breach faced by the Debt collection agency Financial Business and Consumer Solutions (FBCS) compromised the personal information of almost 2.7 million people.

Security researchers at Security Research (SR) Labs have warned online shoppers to be on their guard after revealing news of an extensive network of fake e-commerce stores designed to steal victims’ card details and cash.

Several vulnerabilities in cellular modem technology impact millions of Internet of Things (IoT) devices in financial services, telecommunications, healthcare, and other sectors. Telit Cinterion modems have Remote Code Execution (RCE) flaws.

A well-known threat actor is starting to sell what they claim to be a legitimate trove of highly sensitive internal data stolen from Europol this month. "IntelBroker" recently took to the hacking site BreachForums to advertise their wares.

According to a Joint Cybersecurity Advisory (CSA) issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the

Researchers from North Carolina State University have demonstrated a new tool called "VFCFinder" that analyzes open source software updates to determine which sections of code are being modified to address recently i

Attackers can manipulate routing tables to bypass traffic meant for a Virtual Private Network (VPN) and redirect it to an untrusted local network using a technique called "TunnelVision." It involves the exploitation of a Dynamic Host Co

As more children use Virtual Reality (VR) apps, new research suggests that few parents understand VR technologies' security and privacy risks. According to the study, few parents actively address security and privacy issu

Cornell Tech's Security, Trust, and Safety (SETS) Initiative will guide new teaching, research, engagement, and entrepreneurial activities aimed at addressing critical problems posed by unsafe digital technologies to societies globally.

The Sysdig Threat Research Team (TRT) has discovered "LLMjacking," a new cyberattack that targets cloud-hosted Large Language Model (LLM) services using stolen cloud credentials.