Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware

Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone...

Using XDR to Consolidate and Optimize Cybersecurity Technology

Businesses know they need cybersecurity, but it seems like a new acronym and system is...

New Truebot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm

Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S....

Why is Robust API Security Crucial in eCommerce?

API attacks are on the rise. One of their major targets is eCommerce firms like...

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a...

What Stricter Data Privacy Laws Mean for Your Cybersecurity Policies

For today’s businesses data privacy is already a big headache, and with modern privacy laws...

MuddyWater Hackers Target Asian and Middle East Countries with Updated Tactics

The Iran-linked MuddyWater threat actor has been observed targeting several countries in the Middle East as well...

Code of practice for app store operators and app developers

Nick B explains how a new code of practice will protect consumers from malicious actors...

Threat Report 9th December 2022

The NCSC’s threat report is drawn from recent open source reporting....

Researchers Uncover Darknet Service Allowing Hackers to Trojonize Legit Android Apps

Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows...

1 Comment

IOTW: Metallica encourages fans to seek and destroy crypto scams

Malicious actors have been posing as the band in an attempt to defraud fans by...

National Online Informative References (OLIR) Program: Two Draft NIST IRs Available for Comment

NIST is seeking public comments on two draft NIST Internal Reports (NIST IR) for the...

COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers

An unconventional data exfiltration method leverages a previously undocumented covert channel to leak sensitive information...

Apple Boosts Security With New iMessage, Apple ID, and iCloud Protections

Apple on Wednesday announced a raft of security measures, including an Advanced Data Protection setting that enables...

Best Year-End Cybersecurity Deals from Uptycs, SANS Institute, and Bitdefender

Looking to up your cybersecurity game in the new year? Do not just buy electronics...

Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers

An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to...

Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack

An Iranian advanced persistent threat (APT) actor known as Agrius has been attributed as behind a set...

NCCoE Learning Series: Cybersecurity for the Water and Wastewater Systems Sector

Access to clean water is critical to public health, the environment, and our nation’s economic...

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in...

How XDR Helps Protect Critical Infrastructure

Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the...

Are Ethics and Social Engineering Compatible?

Many people assume that as professional social engineers (SE) we use EVERY method possible to...

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to the ongoing...

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

A state-sponsored hacking group with links to Russia has been linked to attack infrastructure that...

New Zealand government compromised in third-party cyber attack

The cyber attack has compromised access to several government systems...

1 Comment

Microsoft Alerts Cryptocurrency Industry of Targeted Cyber Attacks

Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups...

New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network

A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of...

Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks

A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat...

Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics

Hackers with ties to the Iranian government have been linked to an ongoing social engineering...

Darknet’s Largest Mobile Malware Marketplace Threatens Users Worldwide

Cybersecurity researchers have shed light on a darknet marketplace called InTheBox that’s designed to specifically cater to...

Understanding NIST CSF to assess your organization’s Ransomware readiness

Ransomware attacks keep increasing in volume and impact largely due to organizations’ weak security controls....