According to a Cato Networks survey, organizations still run insecure protocols across their Wide Access Network (WAN), making cybercriminals' movement easier.

The City of Helsinki, located in Finland, is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel.

Years have passed since the identification of "Heartbleed," a critical OpenSSL vulnerability, but questions remain regarding branded vulnerabilities and the appropriate naming of vulnerabilities.

CISPA-Faculty Professor Dr. Cas Cremers, his postdoc Mang Zhao, and Dr. Eyal Ronen have developed a new security method for Zoom, one of the most popular software products for video conferencing.

The MITRE Corporation has made "EMB3D," a threat-modeling framework for vendors of embedded devices used in critical infrastructure environments, officially available.

Firstmac Limited just started warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm.

Threat actors have been conducting Domain Name System (DNS) tunneling to track when targets open phishing emails and click on malicious links. They are also applying the method to scan networks for vulnerabilities.

Cyberattackers launching "Mallox" ransomware, also known as "Fargo," "TargetCompany," and "Mawahelper" have applied sophisticated methods, as shown by a recent Microsoft SQL (MS-SQL) honeypot incident.

A recent data breach faced by the Debt collection agency Financial Business and Consumer Solutions (FBCS) compromised the personal information of almost 2.7 million people.

Security researchers at Security Research (SR) Labs have warned online shoppers to be on their guard after revealing news of an extensive network of fake e-commerce stores designed to steal victims’ card details and cash.

Several vulnerabilities in cellular modem technology impact millions of Internet of Things (IoT) devices in financial services, telecommunications, healthcare, and other sectors. Telit Cinterion modems have Remote Code Execution (RCE) flaws.

A well-known threat actor is starting to sell what they claim to be a legitimate trove of highly sensitive internal data stolen from Europol this month. "IntelBroker" recently took to the hacking site BreachForums to advertise their wares.