Insider threats are often considered to be either disgruntled employees or people who have made errors. However, in the age of COVID-19, insider threats are changing. An insider is now more likely to be a remote employee who appears completely…

McAfee researchers examined cybercriminal activity related to malware and the evolution of cyber threats in the third and fourth quarters of 2020. They published their findings in a new report.  In Q4, there was an average of 648 threats per minute…

According to researchers with the cyber intelligence firm Group-IB, cybercriminals are frequently using legitimate services to gather stolen data from exploit kits in the performance of phishing attacks. The researchers have found that hackers are often…

Researchers with the industrial cybersecurity firm Claroty recently disclosed five vulnerabilities in the OpENer Ethernet/IP (ENIP) stack designed for I/O adapter devices. The OpENer stack supports multiple I/O and explicit connections. It implements the…

The oceans and seas cover over two-thirds of the Earth's surface. These waters are expected to add $3 trillion to the global economy over the next decade through the generation of electricity via marine renewable energy (MRE) devices, which could reduce…

According to a study from Netskope, over 60 percent of malicious payloads were sent via cloud-based apps in 2020. That is an increase from 48 percent of malware samples delivered via cloud applications in 2019. This discovery brings further attention to…

The National Security Agency (NSA) issued alerts about four critical vulnerabilities found in 2013, 2016, and 2019 versions of the Microsoft Exchange Server. The exploitation of these vulnerabilities could allow attackers to perform remote code execution…

Researchers from FireEye conducted a new study where they analyzed targeted attack activity between October 1, 2019, and September 30, 2020. The researchers compiled their findings in a report called M-Trends 2021.  The researchers found that 59% of…

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has expanded pilot testing of a technology solution aimed at strengthening the cybersecurity of the nation's emergency communications infrastructure. SecuLore…

The Science of Security and Privacy 2021 Annual Report is now available. Science of Security and Privacy 2021 Annual Report highlights the progress and accomplishments of this initiative.

Pwn2OW is a contest that allows white-hat cybersecurity professionals and teams to compete in the discovery of bugs in popular software and services.  This year the winning team was Computest, and they discovered a vulnerability in Zoom.  The…

Researchers at Microsoft have built a model that uses Machine Learning (ML) to attribute cyberattacks to specific groups based on Tactics, Techniques, and Procedures (TTPs) and to predict their next steps. The Microsoft researchers are discovering…