Latest Cybersecurity News and Articles
16 May 2024
Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic.
The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on
16 May 2024
59% of organizations experienced a software supply chain attack, with 54% of these respondents having experienced one in the past year.
16 May 2024
The Personal Internet Protection (PIP) service aims to provide an additional layer of security to individuals at “high-risk” of cyberattacks like spear-phishing, malware and other threats, ahead of the upcoming election year.
16 May 2024
Google is adding new anti-theft and data protection features for Android, including AI-powered screen locks, remote locking, and improved factory reset protection to secure users' data if devices are lost or stolen.
16 May 2024
Palo Alto Networks is acquiring IBM's QRadar cloud security software assets and migrating existing customers to its own Cortex XSIAM platform, as part of a broader partnership that will give Palo Alto access to consultants and a larger customer base.
16 May 2024
The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware.
"The threat actor created a Facebook account with a fake identity disguised as a public official working in the North Korean human rights field," South Korean cybersecurity company Genians
16 May 2024
The Biden administration plans to have consumer devices labeled with the U.S. Cyber Trust Mark on store shelves by the end of 2024, to help consumers understand security and encourage manufacturers to include basic digital defenses.
16 May 2024
Researchers identified 11 security flaws in certain GE HealthCare ultrasound devices, including the Invenia ABUS 2.0, that could allow malicious actors with physical access to the devices to implant ransomware or access and manipulate patient data.
16 May 2024
Apple and Google have joined forces to develop an industry specification that will allow users across iOS and Android to be alerted if a Bluetooth tracking device is being used to unknowingly track their location.
16 May 2024
Cybercriminals are exploiting the popularity of DocuSign by creating and selling fake email templates and login credentials to enable phishing attacks, blackmail, and business email compromise against targeted companies.
16 May 2024
Alkira, a leader in on-demand network infrastructure as-a-service, has raised $100 million in Series C funding to further expand its innovative platform that simplifies, secures, and scales critical network infrastructure for enterprises.
16 May 2024
Google has released an emergency security update for Chrome to address the third zero-day vulnerability exploited in attacks within a week, highlighting the ongoing challenges in securing the popular web browser against sophisticated cyber threats.
16 May 2024
The co-founder of the cryptocurrency anonymizing service Tornado Cash, Alexey Pertsev, was convicted by a Dutch court of money laundering $1.2 billion and sentenced to five years and four months in prison.
16 May 2024
Adobe patched 35 security vulnerabilities across a range of its products, including Acrobat, Reader, Illustrator, Substance 3D Painter, Aero, Animate, FrameMaker, and Dreamweaver.
16 May 2024
Russia-linked APT groups pose a significant threat to OT environments, as demonstrated by their recent attacks targeting critical infrastructure in Ukraine and its allies, with the potential for further disruption and long-term espionage operations.
16 May 2024
The phishing campaign uses a multi-step process to steal account information, including the user's Meta business email, page name, owner details, financial information, and ultimately the account password.
16 May 2024
Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances.
"The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of
16 May 2024
Cybersecurity professionals face a dilemma: sharing information after an attack can prevent future incidents, but businesses often hesitate due to fears of litigation, customer inquiries, and reputational harm.
16 May 2024
LogRhythm, a leading SIEM (Security Information and Event Management) company, is merging with Exabeam, another prominent SIEM player, in a move that aims to create a stronger, AI-driven security operations leader in the market.
16 May 2024
Cybersecurity researchers have discovered a concerning trend of PDF exploitation targeting users of Foxit Reader, a popular PDF software, with sophisticated attack chains and malware families being utilized in real-world scenarios.