Bobby Rauch, a security consultant and penetration tester, has discovered that Apple's AirTags do not sanitize user input. These AirTags are attached to laptops, phones, and other frequently lost items. The lack of user input sanitization leaves AirTags…

Log monitoring, firewall, and antivirus technologies have been valuable tools for alerting IT teams about suspicious network behavior, but the underlying technologies that support security teams in their day-to-day operations have remained the same as…

Researchers at Aura recently conducted a new survey of 2,000 U.S. adults. They found that 76% of Americans recognize that data breaches are serious, showing a high awareness that may be driven by news of significant consumer, enterprise, and…

The owner of two chains of American luxury department stores has warned 4.6 million Neiman Marcus customers that their personal data may have been exposed in a security incident that happened 17 months ago.  Neiman Marcus Group, which owns the…

Hackers stole from 6,000 customers of Coinbase, which is the world's second-largest cryptocurrency exchange with nearly 68 million users worldwide. The hackers exploited a vulnerability to circumvent the company's SMS multi-factor authentication security…

According to a new report from security researchers with the crypto exchange Kraken, many of the Bitcoin ATMs placed at gas stations, bars, malls, and more, across the U.S. contain security vulnerabilities, leaving them open to hacking. The number of…

The U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has kicked off Cybersecurity Awareness Month. President Biden proclaimed October as Cybersecurity Awareness Month, calling on public and private sectors…

A new APT group has emerged that is specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to…

Researchers from Kaspersky have found that cybercriminals are exploiting the long-awaited release of the new James Bond movie No Time to Die. Adversaries are taking advantage of the bigger than usual buzz around this particular Bond title by operating…

Researchers at the Georgia Institute of Technology demonstrated an attack on two different types of low-end Android phones, a ZTE Zfive and an Alcatel Ideal. These attacks showed that one of the measures put in place to secure data on a low-end phone…

Facebook has open-sourced Mariana Trench, a tool that has been used to find potentially dangerous security and privacy flaws in the company's Android and Java applications. The tool has already been trained by Facebook's security and software engineers.…

According to the 2021 Cybersecurity Statistics report from Purplesec, nearly 100 percent of cyberattacks have relied on the performance of social engineering to manipulate employees within an organization to hand over passwords and other sensitive…