Researchers at Palo Alto Networks conducted a new study where they scanned 50 million IP addresses associated with 50 global enterprises.  The research was carried out between January and March 2021.  The researchers stated that threat actors…

Security researchers at Uptyc's have discovered a new malware that infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities.  A recently developed botnet named "Simps" has emerged from the cyber-underground…

The Center for Internet Security (CIS) officially announced the launch of CIS Controls v8. The Controls have been enhanced to keep up with evolving threats and technology, including modern systems and software. The CIS Controls are prioritized Safeguards…

Researchers at the RAND Corporation have developed a new model that improves upon existing frameworks to help organizations proactively protect themselves against cyber threats. The process-based Scalable Warning and Resilience Model (SWARM) developed by…

Developers should be more responsible for the security of their code. One of the best ways to ensure software quality is to perform source code reviews to identify and remediate security risk before an application moves into production. Developers…

Aqua Security has published new research from Team Nautilus, revealing that most companies that have transitioned to multi-cloud environments are failing to configure their cloud-based services properly. Findings from Aqua's "2021 Cloud Security Report:…

Akamai's new "State of the Internet" report reveals that the number of credential stuffing attacks reached 193 billion in 2020. The number of login attempts using stolen or reused credentials increased more than 310 percent from 47 billion in 2019. An…

Owners of Eufy home security cameras were warned this week of an internal server bug that allowed strangers to view, pan, and zoom in on their home video feeds for approximately one day. Inversely, customers were also suddenly given access to do the same…

A team of security researchers at Website Planet discovered an AWS S3 bucket left unprotected and unsecured by FastTrack Reflex Recruitment, now TeamBMS.  The 5GB trove contained 21,000 files, including CVs featuring personal information such as…

More private data is being stored and shared digitally, making it more important than ever to explore the different ways in which data could be protected against attacks. Silicon technology, used today, exploits the tiny differences between computing…

The FBI is warning families of missing persons to be on their guard for extortion demands from cyber-criminals claiming to have abducted their loved ones.  The adversaries typically scour social media posts to gather information about missing…

Security researchers at a cybersecurity firm called Tessian have uncovered a number of SMS scams impersonating well-known meal kit delivery companies, including Gousto and HelloFresh.  The surge in meal kit delivery scams is because of the rising…