The TETRA standard is used globally in radios. According to security researchers, multiple vulnerabilities have been discovered in the fundamental cryptography and its implementation, including issues that enable the decryption of traffic. A group of…

Security researchers at the Shadowserver Foundation have found that over 15,000 Citrix servers worldwide are at risk of compromise unless administrators patch urgently.  The researchers noted that of the impacted servers, the most significant number…

Researchers have found what they say are the first open source software supply chain attacks that specifically target the banking sector. Checkmarx noted that these attacks exhibited sophisticated techniques, including targeting specific components in…

According to Wiz security researchers, the Microsoft consumer signing key stolen by Storm-0558 hackers gave them access beyond the Exchange Online and Outlook[.]com accounts that Redmond said were compromised. Redmond disclosed that the attackers had…

IBM published its annual Cost of a Data Breach Report, revealing that the global average data breach cost reached $4.45 million in 2023, a 15 percent increase over the previous three years. Detection and escalation costs increased by 42 percent during…

In a presentation at Black Hat USA, Forescout researchers will bring attention to Border Gateway Protocol (BGP) implementation flaws. Few technologies are more fundamental to the Internet than BGP, which manages the transmission of data packets between…

Purdue University has been selected as a partner in a new University Transportation Center (UTC) focused on cybersecurity and funded by the US Department of Transportation (DOT). The Transportation Cybersecurity and Resilience (TraCR) center, led by…

According to a recently published white paper by Sheffield Hallam University, healthcare robotic systems must prioritize security and privacy protections. The paper calls for "secure by design" and "privacy by design" principles to increase user trust in…

There are various infiltration strategies adversaries can use to threaten the smart grid. For example, in a false-data injection attack, someone could hack into the grid's communication networks and replace actual measurements with false data. Denial-of-…

High-profile data breaches such as Kaseya and Apache Log4j continue to impact organizations, thus making software supply chain security more important than ever. A Software Bill of Materials (SBOM) consists of all the components and libraries used to…

Cybercriminals continue to look for new methods to manipulate search results. They are flooding Google with paid advertisements through malvertising campaigns, which direct unsuspecting users to malicious websites that exploit their data and trust. The…

Vectra AI has released a new research report revealing that 97 percent of analysts are concerned about missing security events. Seventy-one percent acknowledge that their organization may have been compromised, but they are unaware of it. Analysts are…