The security agencies of five countries have outlined 10 of the most common ways threat actors compromise their victims, most of which can be mitigated by basic cyber-hygiene best practices. Cybersecurity authorities of the US, Canada, New Zealand, the…

Security researchers have found that tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin.  The…

The Federal Bureau of Investigation (FBI) has issued a warning pertaining to a malicious actor stealing credit card information from the checkout pages of US firms' websites. According to the FBI, unidentified cyber actors scraped credit card data from a…

Cyber actors commonly use misconfigured or unsecured security configurations, weak controls, and other bad cyber hygiene practices to gain initial access or compromise a victim's system. A joint Cybersecurity Advisory co-authored by the cybersecurity…

IBM has announced education initiatives with the US Department of Veterans Affairs, the Specialisterne Foundation, and six Historically Black Colleges and Universities (HBCUs) to provide free Science, Technology, Engineering, and Mathematics (STEM) job…

NVIDIA has issued a security update for various graphics card models to fix four high-severity and six medium-severity vulnerabilities in its GPU drivers. The security update addresses flaws that malicious actors can exploit for Denial-of-Service (DoS),…

Representatives from the European Union (EU) and the US government have jointly announced a range of new initiatives in SMB and supply chain security, tackling disinformation, sanctions evasion, and the development of trustworthy AI and privacy-enhancing…

NCC Group researchers uncovered a Bluetooth Low Energy (BLE) vulnerability that attackers could use to unlock Teslas, residential smart locks, building access systems, mobile phones, computers, and various other devices. BLE is a data-sharing protocol…

The Cloud Security Alliance (CSA) has issued recommendations to assist organizations in effectively addressing healthcare supply chain cybersecurity. Healthcare organizations are responsible for monitoring every step of the supply chain, from software…

A senior White House official overseeing cybersecurity recently stated that the U.S. is ahead of China in the dash to achieve quantum supremacy thanks to the “huge competitive advantage” conferred by the collaborative nature of American science and…

Apple has released security updates to fix a zero-day vulnerability that attackers can use to target Macs and Apple Watch devices. AppleAVD (a kernel extension for audio and video decoding) has an out-of-bounds write vulnerability that allows apps to run…

US authorities have accused a 55-year-old doctor of developing, selling, and renting out ransomware to cybercriminals worldwide.  Moises Luis Zagala Gonzalez (Zagala), aka “Nosophoros,” “Aesculapius,” and “Nebuchadnezzar,” is a French and Venezuelan…