The Poly Network, specialized in cryptocurrency transfers on the Binance, Ethereum, and Polygon blockchains, has revealed that it had been hit with an attack in which assets were transferred to hackers. According to Poly Network, the hackers exploited a…

A series of vulnerabilities called ProxyShell impact at least 30,000 Internet-exposed Microsoft Exchange servers. The ProxyShell vulnerabilities can be chained for unauthenticated remote code execution, thus allowing an attacker to take over an Exchange…

Researchers at Trend Micro have discovered an under-construction malware called Chaos, which is being advertised on an underground forum as being available for testing. While it calls itself ransomware, an analysis revealed that it’s actually more of a…

Researchers at Zimperium have uncovered a new type of Android Trojan attack that spreads via social media hijacking. The new Android Trojan is codenamed FlyTrap and has hit at least 140 countries since March 2021 and has spread to over 10,000 victims…

According to researchers Allan Cecil and Dan Petro from Bishop Fox, most modern Internet of Things (IoT) devices have flawed hardware-based Random Number Generators (RNGs). These RNGs have a fundamental flaw that weakens the security of the encryption…

Researchers at the Ben-Gurion University of the Negev have demonstrated a method for spying on electronic conversations. They released a new paper outlining a novel passive form of the TEMPEST attack called Glowworm. The Glowworm attack transforms minute…

Researchers have discovered that threat actors have leaked 1 million stolen credit cards for free online as a way to promote a relatively new and increasingly popular cybercriminal site dedicated to selling payment card credentials.  The cards were…

Celestino Corral, an electrical engineer at Sandia National Laboratories (SNL), developed a method that uses error-checking computer code to improve the security of digital content, such as email and social media messaging. Corral started working on…

Researchers at Varonis have found that numerous publicly accessible Salesforce communities are misconfigured and could expose sensitive information.  A Salesforce Community site lets customers and partners interface with a Salesforce instance from…

Cybersecurity analysts work with a significantly large amount of data, especially in the performance of activities such as monitoring network traffic. Yang Cai, a senior systems scientist at CyLab, stresses that important patterns often get buried by a…