Researchers with NCC Group and Fox-IT have detailed a new threat group called Chimera. According to the researchers, this group targets Microsoft and Google cloud services to achieve goals aligned with the Chinese government's interests. Chimera tries to…

The National Highway Traffic Safety Administration (NHTSA) released a new draft of voluntary cybersecurity best practices with a focus on secure software use in vehicles. The updated draft incorporates comments gathered from a 2016 best practices…

Researchers at the global threat hunting and adversary-centric cyber intelligence company Group-IB discovered a Russian-speaking scam-as-a-service operation called Classiscam. This operation, which started two years ago, now involves 40…

Researchers from HYAS and Advanced Inteligence LLC looked at transactions for known Bitcoin addresses associated with Ryuk ransomware and have concluded that the Ryuk ransomware criminal enterprise is worth more than $150,000,000.   Ryuk ransomware…

DNS-over-HTTPS (DoH) continues to grow in popularity among enterprises to improve privacy and integrity. The privacy protocol is supposed to help prevent eavesdropping and the manipulation of DNS traffic. However, the US National Security Agency (NSA) is…

Researchers at WhiteOps discovered 164 apps that mimic legitimate apps to garner downloads to trick the user into seeing a whole bunch of unexpected ads.  The bad apps that were discovered didn’t cover their tracks once they were downloaded onto a…

Researchers from the Australian National University (ANU) and the University of Duisburg-Essen in German published a new book titled Linking Sensitive Data, which discusses how data sharing and the preservation of people's privacy can be improved.…

Nissan North America source code was leaked online because of the misconfiguration of a company Git server left exposed with default credentials. The Git repository contained the source code of Nissan NA Mobile apps, Dealer Business Systems, client…

The email security vendor Mimecast has announced that hackers compromised a Mimecast-issued certificate used to authenticate several of the company's products to Microsoft 365 Exchange Web Services. The certificate, discovered to be compromised, is used…

Ring smart doorbells have faced years of criticism from cybersecurity experts for flaws in their system that opened video and data collected by the system to be stolen by adversaries.  After many cybersecurity experts stated that Ring lacked…

The antivirus company Bitdefender released a free decryptor for DarkSide ransomware to allow victims to unlock their systems and recover their files without having to pay a ransom. According to Bitdefender, their tool can automatically scan and search…

Many sites allow users to opt-out of some of their data collection and use practices. However, this choice is hard to find as it is often hidden in long, difficult-to-read privacy policies. A new study by researchers from Carnegie Mellon University'…