As part of an attack intended to exfiltrate data by downloading and running additional payloads, a web shell was dropped on the servers of VoIP phones running Digium's software. According to a report released by Palo Alto Networks Unit 42, the malware…

Guofei Gu, a professor in Texas A&M University's Department of Computer Science and Engineering, is the principal investigator of a research team that has received a $1 million grant from the National Science Foundation's (NSF) Resilient and…

Healthcare phishing attacks remain a top cyberattack vector, but new research shows that consistent security awareness training can significantly reduce the likelihood of a successful attack. KnowBe4 examined a dataset of over 9.5 million users in 19…

According to new research by Cynet, companies with small security teams continue to face a number of distinctive challenges that place these organizations at greater risk than larger enterprises.  The researchers stated that these enhanced risks are…

Trend Micro Research has released details about a now-patched Remote Code Execution (RCE) vulnerability in the Windows Network File System (NFS). The flaw, which stemmed from the improper handling of NFSv4, could be used by attackers to send malicious…

According to new research conducted by Tata Consultancy Services (TCS), enterprises are failing to plan properly for supply chain risks and cybersecurity threats from the wider digital ecosystem.  According to the researchers, organizations put the…

According to a new survey conducted by a company called Vason Bourne, financial firms are failing to strengthen their authentication technologies, even after a breach.  As many as four in five financial services organizations had experienced a…

Some security firms have noticed a decrease in ransomware activity as the value of Bitcoin has dropped in the last eight months. According to the cybersecurity firm Arctic Wolf, ransomware attacks have decreased by about a quarter since the beginning of…

According to a new report from Kaseya, the top three priorities for IT professionals are improving overall IT security (52 percent), increasing IT productivity through automation (33 percent), and migrating to the cloud (32 percent). Kaseya's survey of…

Researchers have discovered a massive campaign that scanned nearly 1.6 million WordPress sites for the presence of a vulnerable plugin that enables file uploads without authentication. The attackers are focusing on the Kaswara Modern WPBakery Page…

US debt collector Professional Finance Company (PFC) recently reported a data breach affecting 1.9 million individuals across over 650 different healthcare providers.  The Colorado-based company, which chases outstanding debts for healthcare…

The Virginia Commonwealth University Health System (VCU) has recently warned almost 4500 transplant participants about a privacy breach affecting their healthcare information.  VCU noted that some transplant recipients’ medical records contained…