Draft Call for Multi-Party Threshold Schemes: NIST IR 8214C ipd Available for Public Comment

NIST requests public comments on NIST IR 8214C ipd (initial public draft), NIST First Call...

North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

A North Korean nation-state group notorious for crypto heists has been attributed to a new...

LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal...

VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

VMware on Tuesday released software to remediate four security vulnerabilities affecting vRealize Log Insight (aka Aria Operations...

Providing Timely and Clear Data to Support Federal Cybersecurity Workforce Needs

Speakers: To be announced. Synopsis: Efforts to grow and sustain the federal cybersecurity workforce should...

1 Comment

Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection

Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while...

1 Comment

FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft

The U.S. Federal Bureau of Investigation (FBI) on Monday confirmed that North Korean threat actors...

1 Comment

Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium

Vulnerability analysis results in Orange Cyberdefenses’ Security Navigator show that some vulnerabilities first discovered in 1999 are...

Emotet Malware Makes a Comeback with New Evasion Techniques

The Emotet malware operation has continued to refine its tactics in an effort to fly...

2 Comments

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing...

Facebook Introduces New Features for End-to-End Encrypted Messenger App

Meta Platforms on Monday announced that it has started to expand global testing of end-to-end...

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

Two security flaws have been disclosed in Samsung’s Galaxy Store app for Android that could...

SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric

The move to SaaS and other cloud tools has put an emphasis on Identity &...

Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks

The legitimate command-and-control (C2) framework known as Sliver is gaining more traction from threat actors as it emerges...

Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps

Researchers have shut down an “expansive” ad fraud scheme that spoofed more than 1,700 applications...

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers’ DNS Settings

Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated...

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against...

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

The Irish Data Protection Commission (DPC) on Thursday imposed fresh fines of €5.5 million against...

1 Comment

New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as...

NCSC to retire Logging Made Easy

The NCSC is retiring Logging Made Easy (LME). After 31 March 2023, we will no...

Phishing and ransomware amongst biggest threats to charity sector

New report outlines the growing threat that charities face, and how they can become resilient...

IOTW: Mailchimp suffers another social engineering attack

This marks the second social engineering attack the company has suffered in less than a...

New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks

A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft...

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that...

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and...

6 Types of Risk Assessment Methodologies + How to Choose

An organization’s sensitive information is under constant threat. Identifying those security risks is critical to...

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of Anatoly Legkodymov (aka...

Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information

Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled...

Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

An ongoing campaign dubbed Earth Bogle is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan...

Personal Cybersecurity Concerns for 2023

Not too long ago, many of us thought that cybersecurity was something for corporations to...

1 Comment