According to a new report from WhiteHat Security, the average time taken to fix critical cybersecurity vulnerabilities has increased from 197 days in April 2021 to 205 in May 2021. Organizations in the utility sector were found to have the highest window…

Tens of thousands of Reproductive Biology Associates (RBA) patients have had sensitive personal and medical information stolen in a ransomware attack. Reproductive Biology Associates (RBA) is a US fertility clinic and was the first organization of its…

On Monday, the Ohio Department of Medicaid warned that an unknown party had accessed data in the care of a company called Maximus for two days in May without authorization. The incident occurred from May 17th to May 19th. The department hired Maximus to…

Elastic Security uncovered a new image tampering attack called Process Ghosting. Remote hackers are using this new type of executable image-altering technique to deploy malware on a targeted Windows system stealthily. Process Ghosting escapes anti-…

Security researchers at Tessian have warned online shoppers to beware of scam emails and texts over the next couple of days as the Amazon Prime Day e-commerce bonanza gets underway. The most common tactic used by scammers will be to impersonate Amazon in…

Researchers at the email and collaboration security firm Avanan have discovered a new method that attackers are using to trick victims into visiting malicious phishing websites via Google Docs. The attack begins with the threat actor sending an email,…

A bipartisan group of U.S. senators recently reintroduced the International Cybercrime Prevention Act, which is aimed at arming law enforcement with the tools needed to combat cybercrime and better protect Americans. The bill, first introduced in 2018,…

Security researchers at WebsitePlanet found the non-password-protected database, which had no form of authentication in place to prevent unauthorized entry, on March 21. The database contained information about CVS Health customers. The researchers…

According to researchers at Proofpoint, attackers are using fake DHL shipping emails to trick recipients into opening malicious Word and Excel documents that lead to an infection of 'RustyBuer,' a new variant of the Buer Loader malware family written in…

Colorado has unanimously passed a new data privacy act to safeguard Coloradoans' personal information.  The Colorado Privacy Act is due to take effect on July 1, 2023, and now awaits the signature of state governor Jared Polis.  Should the Act…

The NotPetya malware attack and the recent SolarWinds cyberespionage campaign both present real-world examples of software supply chain attacks in which a hacker slips malicious code into legitimate, widely used software. Supply chain security has become…

Security and privacy researchers at TU Wien, together with the IMDEA Software Institute and Purdue University, have developed a protocol aimed at improving the security and speed of transactions in cryptocurrencies such as Bitcoin. Cryptocurrencies are…