A recent study conducted by Carnegie Mellon University's CyLab finds that users rarely change their passwords for accounts on breached domains. According to one researcher, only 13 percent of users changed their passwords within the first three months of…

The cybersecurity research firm Cyble discovered a data leak involving details of more than 80,000 credit cards. Threat actors are selling this information on the dark web market in exchange for cryptocurrency. The dump of stolen credit card details…

Researchers discovered that the rate of mobile phishing rose sharply between the last quarter of 2019 and the first quarter of 2020.  The encounter rates for enterprise mobile phishing increased 37 percent between the last quarter of 2019 and the…

Google researchers found that nearly three-quarters of all security bugs contained by the Chrome web browser derive from problems with memory coding. According to the researchers, the current methods of sandboxing and site isolation used to prevent…

Researchers at Syniverse conducted a new survey of 200 enterprise executives in North America and Europe in several key vertical industries already using or in the process of deploying IoT.  These industries include financial services, retail,…

Cybercrime poses a threat to America's competitive advantage and the future of the economy. However, many still question the extent to which cybercrime impacts economic activity, claiming the compromise of and bias with cybercrime loss estimates. The…

GitHub Security Labs has discovered a form of malware that spreads via infected repositories on their systems.  The malware found is called Octopus Scanner.  Octopus Scanner targets Apache NetBeans, which is an integrated development…

Researchers at the Indian Institute of Technology Kanpur have discovered a new technique called "DABANGG," which improves the effectiveness of timing channel attacks. A timing channel attack refers to the analysis of how long it takes for a targeted…

Security researchers found that 8Belts, maker of language-learning apps, left a database containing sensitive information about hundreds of thousands of users exposed online. The unsecured 8Belts database, which has now been taken down, revealed national…

Microsoft is warning organizations about new Java-based ransomware, called "PonyFinal." The tech giant considers PonyFinal to be human-operated ransomware because it is not a variant distributed in an automated manner. According to Microsoft's Security…

Organizations are struggling to adjust to the new normal caused by the COVID-19 pandemic.  In a new survey by Bitglass, researchers discovered that 41 percent of the respondents said that their organizations had not taken any steps to expand secure…

Security researchers at ESET have discovered a new strain of Android malware, called "DEFENSOR ID." The malware performs malicious activities through the abuse of a device's Accessibility Services. These services enable the malware to execute 17 commands…