The FBI warns of hundreds of vulnerabilities in widely used medical devices that could enable cyberattacks. The FBI's Internet Crime Complaint Center (IC3) identified an increasing number of vulnerabilities posed by unpatched medical devices running on…

SentinelOne has released a report on intermittent encryption, a new method used by a few ransomware groups. Intermittent encryption encrypts every x bytes in files rather than encrypting selected complete files. As a result, intermittent encryption…

Hackers are using a phishing method called Browser-in-the-Browser (BITB) to obtain Steam user credentials. The BITB attack involves the creation of false browser windows inside the open window, which are then disguised as sign-in pop-up pages for…

A survey conducted by Gartner finds that many international companies are actively attempting to reduce the number of cybersecurity vendors they rely on in their technology stacks. In total, 75 percent of organizations surveyed by Gartner expressed…

Arctic Wolf Labs' cybersecurity researchers have issued a warning about CVE-2022-29499, a Remote Code Execution (RCE) vulnerability discovered in Mitel MiVoice VoIP appliances that is being exploited by the Lorenz ransomware gang threat actor to attack…

PsExec assists administrators in remotely executing processes on network machines without the need to install a client. However, threat actors have also adopted the tool, often using it in the post-exploitation stages of an attack to spread across the…

The US moving and storage rental company U-Haul has experienced a data breach as a result of an unauthorized person gaining access to an unspecified number of rental contracts, according to Amerco, U-Haul's parent company. The number of impacted…

According to a new report, 80 percent of organizations have had at least one severe cloud security incident in the last year, and 41 percent believe cloud native services increase complexity, complicating security efforts. However, the study conducted by…

As part of a new social engineering campaign seeking sensitive information, hackers linked to the Iranian government have targeted individuals specializing in Middle Eastern affairs, nuclear security, and genome research. The targeted attacks were…

Orca Security conducted an analysis of data collected from major cloud services, finding that attackers only need three steps on average to gain access to sensitive data, with the most common starting point being the exploitation of a known vulnerability…

An international team has successfully implemented an advanced form of quantum cryptography. Quantum Key Distribution (QKD) is secure against attacks on the communication channel but not against attacks or manipulations of the devices themselves. As a…

VMware engineers tested the Linux kernel's fix for the Retbleed speculative execution bug and discovered that it can reduce computing performance by up to 70 percent. VMware performance engineering staffer Manikandan Jagatheesan reports that running…