Two recently disclosed attacks that targeted providers in California and Arizona further suggest that healthcare organizations are at a high security risk. On August 24, 2021, California-based LifeLong Medical Care started notifying individuals that…

Researchers at ThreatFabric have discovered that a new Android banking trojan named SOVA (“owl” in Russian) is under active development, and it has big dreams even in its infancy stage. The malware is looking to incorporate distributed denial of service…

Since the 9/11 attacks 20 years ago, airlines and airports have banned sharp objects in carry-on luggage and implemented technology to detect explosives. However, many of today's security risks are now viewed more as the targeting of networks and…

Researchers at Kaspersky have found that around one in three industrial control systems (ICS) were targeted by malicious activity in the first half of 2021. The Russian security vendor claimed its solutions blocked over 20,000 malware variants from more…

An international team of researchers says they can make Solid-State Drives (SSDs) that ransomware attacks cannot affect by detecting infections and reverting unexpected encryption in seconds, with a small increase in latency. DaeHun Nyang, PhD, at Ewha…

Researchers with the threat intelligence company KELA analyzed 48 active threads on dark web marketplaces. These threads were made by threat actors seeking to purchase access to organizations' systems, assets, and networks. At least 40 percent of the…

Summer 2021 SoS Quarterly Lablet Meeting  

Another new ransomware gang is making waves with an unconventional structure, its unique pedigree, and an early victim.  A coalition of researchers on Thursday explained what makes Groove, a gang that quietly emerged in July with a website,…

Researchers at cybersecurity firm Resecurity have discovered that hackers have broken into the computer network of the United Nations and made off with data.  The unidentified cybercriminals behind the theft appear to have gained access simply by…

The cybersecurity company Fortinet has revealed that 87,000 sets of credentials for FortiGate SSL VPN devices have been published online. According to the company, the credentials were obtained through the exploitation of CVE-2018-13379, a known security…

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has released two documents aimed at strengthening the cybersecurity practices of government agencies and organizations. The documents titled the "Cloud…

The U.S. Department of Defense (DOD) awarded a $1.5 million grant to Washington State University (WSU) to establish a new cybersecurity education and research program. The Northwest Virtual Institute for Cybersecurity Education and Research (CySER)…