News
-
"Firms Perceived to Fake Social Responsibility Become Targets for Hackers, Study Shows"Recent reports show that the frequency and sophistication of data breaches are continuing to grow. Studies show that data breaches compromise an average of more than 3.8 million records every day. New research from the University of Notre Dame suggests… -
"Cloud Servers Hacked via Critical SaltStack Vulnerabilities"Two recently disclosed critical vulnerabilities in the popular SaltStack infrastructure automation software are now being exploited by attackers to take over servers. SaltStack is a widely-used open-source Python-based framework used by IT, network, and…
-
"Ransomware Payments Up 33% As Maze and Sodinokibi Proliferate in Q1 2020"Coveware's Q1 ransomware market report has revealed that the average ransomware payment has increased to $111,605 in Q1 2020, which is a 33% increase from Q4 of 2019. According to the report, 14% of ransomware attacks in Q1 2020 targeted organizations…
-
"Fake Labor Department Emails Designed to Spread TrickBot"Researchers from IBM X-Force found that adversaries are sending fake emails designed to look like notifications from the Labor Department concerning changes to the Family and Medical Leave act, in an attempt to spread TrickBot malware. The messages…
-
"Oracle: Unpatched Versions of WebLogic App Server Under Active Attack"Oracle has recently released its April 2020 Critical Patch update, which fixed 405 flaws, including 286 that were remotely exploitable across nearly two dozen product lines. One major vulnerability named CVE-2020-2883 affected Oracle's WebLogic server,…
-
"Software Flaws Often First Reported on Social Media Networks, PNNL Researchers Find"According to a study conducted by researchers at the U.S. Department of Energy's Pacific Northwest National Laboratory (PNNL), software vulnerabilities are more likely to be discussed on social media sites such as GitHub, Twitter, and Reddit before they…
-
"Healthcare Targeted By More Attacks But Less Sophistication"According to the Healthcare Information Sharing and Analysis Center (H-ISAC), healthcare organizations have observed a 30% increase in coronavirus-themed phishing websites. Still, they have not seen as many successful security breaches. Although there…
-
"John Jay College Cyber-Terrorism Project Selected for New Homeland Security Center of Excellence"One of the 13 projects chosen by the Department of Homeland Security to be a part of the National Counterterrorism Innovation, Technology, and Education (NCITE) Center is a John Jay College of Criminal Justice project. The project will study…
-
"iOS Mail App Flaws May Have Left iPhone Users Vulnerable For Years"Researchers have discovered that Apple's iOS Mail app has two severe security vulnerabilities. The security flaws allow adversaries to remotely compromise a device by sending an email that will consume high amounts of the device's memory. The…
-
"New Android EventBot Malware Steals Data From Financial Applications"Security researchers at Cybereason Inc. discovered a new form of Android mobile malware, called "EventBot," which is described to be a mobile banking Trojan and infostealer. EventBot malware steals user data from financial applications such as banking,…
-
"Surge in Phishing Attacks Using Legitimate reCAPTCHA Walls"Researchers from Barracuda Networks, have discovered that adversaries are starting to use legitimate reCaptcha walls to disguise malicious content from email security systems. reCAPTCHA walls are usually used to verify human users before allowing…
-
"Darknet Markets Make Malware Buying Easy"Research conducted by researchers at CyberNews brings further attention to the increased availability of malicious tools and malware to threat actors via underground message boards and dark web market networks. The ease at which threat actors can…