Recently there were assault attempts on control and control systems of wastewater treatment plants, pumping stations, and sewers, according to Israel's National Cyber directorate.  In the US alone, there are an estimated 70,000 water utilities.…

Trustwave's Global OT/IoT security research team discovered security flaws in two Schneider Electric industrial control systems (ICS) products. Trustwave analysts demonstrated the possibility of malicious actors exploiting the vulnerabilities found in…

Wordfence's Threat Intelligence team has reported attempts by threat actors to exploit two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins. The abuse of these vulnerabilities can allow attackers to…

GoDaddy recently discovered a data breach that affected about 28,000 of its customers' web hosting accounts.  The company believes that no data was altered or stolen.  The security incident occurred in October 2019 but was not discovered until…

FireEye's Mandiant Security Validation team's 2020 Mandiant Security Effectiveness Report reveals that only a small percentage of attacks trigger security alerts, and more than 50% of successful intrusions go undetected by security solutions. The report…

Recent studies by Palo Alto Networks and Mimecast highlight threat actors' continued exploitation of fear and interest surrounding the coronavirus outbreak to increase the success of phishing and social engineering attacks. According to Palo Alto…

Researchers at a security firm called Intezer have discovered a new botnet called Kaiji.  The Kaiji botnet is spreading by targeting SSH protocols, which use encryption to establish a remote link between a device and a server.  It uses brute-…

A new cybersecurity study by researchers at New York University shows that when people assess their exposure to risk, they believe they are less likely than others to engage in activities that would increase their vulnerability to online attacks.…

In a new global survey, researchers polled 3,250 individuals across the United States, Singapore, Australia, Germany, Brazil, and the United Kingdom.  The researchers found that there is a heightened global awareness of what are good security…

 Mordechai Guri, researcher at the Ben-Gurion University of the Negev, has demonstrated another method to steal data from an air-gapped system that involves the abuse of the power supply. The attack method, called POWER-SUPPLaY, is performed by…

The Financial Industry Regulatory Authority (FINRA), a private organization that helps self-regulate brokerage firms and exchange markets in the U.S., has discovered that there is a widespread, ongoing phishing campaign that is targeting their members.…

The UK's National Cyber Security Centre (NCSC) and the US Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a joint warning about the targeting of healthcare organizations by state-sponsored hacking…