A new study by researchers at the University of California, Berkeley, found that smart traffic signals, surveillance systems, and emergency alerts are the riskiest smart city technology solutions. The researchers surveyed 76 cybersecurity experts, asking…

Security researchers at Specops went through more than 800 million breached passwords to determine which big-screen hits were used the most in passwords. The selection was a subset of a list of 2 billion passwords that have appeared in breached lists.…

Costco Wholesale Corporation is warning its customers to be wary of more than a dozen digital scams.  On its website, they published screenshots of 14 "prominent fraudulent emails, texts, and posts" in which cyber-criminals are impersonating Costco…

Users of SonicWall Hosted Email Security (HES) are urged to apply patches for three zero-day vulnerabilities found in the software. This platform provides inbound and outbound security protection and helps combat email-borne threats. The first zero-day…

Researchers at FireEye Mandiant have warned of the exploitation of one zero-day vulnerability and several old flaws in widely deployed Pulse Connect Secure (PCS) Virtual Private Network (VPN) devices to compromise defense, government, and financial…

Additional details have been shared about the recent Codecov system breach, which is now being compared to the SolarWinds hack. Codecov is a San Francisco-based company that offers code coverage and software testing tools. The scope of this system breach…

The FIDO Alliance has developed a new security standard for Internet of Things (IoT) devices. The open industry association said the move would help address the security, cost, and complexity challenges involved in deploying IoT devices at scale, thereby…

Men's social networking website and online dating application Manhunt has suffered a data breach.  The 20-year-old site was compromised in a cyber-attack that took place in February 2021.  The breach was discovered on March 2nd, and an…

The US Department of Justice (DOJ) recently revealed that the FBI carried out a court-approved operation to remove malicious web shells from compromised Microsoft Exchange email servers across the US. These web shells are used for backdoor access to the…

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI revealed a new phishing scheme in which attackers use fake traffic violations to infect victims with TrickBot and steal sensitive information. The attack begins with someone…

Researchers from Cisco Talos found two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer, an Internet-connected kitchen product that allows users to have remote control over cooking temperature, times, and settings. The…

Security researchers have discovered that adversaries repeatedly stole driver’s license numbers from a database maintained by Geico over the course of six weeks earlier this year. The security researchers found that the perpetrators of the breach used…