Security researchers at Sucuri have recently spotted an intriguing malware campaign designed to increase the search engine rankings of spam websites under the control of threat actors.  Over 15,000 WordPress and other sites have been redirected to…

Researchers have discovered the "Cloud9" malicious Chrome browser extension, which steals information available during a browser session and then installs malware to take control of the entire device. Cloud9 behaves like a Remote Access Trojan (RAT) and…

According to new research by BlueVoyant, just 2% of global organizations didn’t suffer a supply chain breach last year.  The researchers noted that visibility into cyber risk is getting harder as these ecosystems expand.  The researchers polled…

Titania has released an independent research report investigating the impact of exploitable misconfigurations on network security in the US federal government. According to the study, "The Impact of Exploitable Misconfigurations on the Security of Agency…

'Earth Longzhi,' a previously unknown Chinese Advanced Persistent Threat (APT) hacking group, targets organizations in East Asia, Southeast Asia, and Ukraine. The threat actors have been active since at least 2020, planting persistent backdoors on…

Citrix and VMware products have critical authentication-bypass vulnerabilities, threatening devices running remote workspaces with a complete takeover, the vendors have warned. Citrix's CVE-2022-27510 critical bug, with a CVSS vulnerability-severity…

A malicious package found on the Python Package Index (PyPI) was discovered using a steganographic trick to conceal malicious code within image files. According to researchers at Check Point, the package in question, named "apicolor," was uploaded to the…

The Industrial Internet of Things (IIoT) is increasingly gaining popularity due to its ability to create communication networks between various components of an industry and usher in the new Industry 4.0 revolution. IIoT, powered by wireless 5G…

Sensors collect and share large amounts of data to help decision-makers in an increasingly connected and smart world. Through these sensors, people receive ever-increasing amounts of data in ways that can be difficult to decipher. A group of researchers…

The winners of the 2022 Bring Down Counterfeiting Public Policy Hackathon, held November 5 at the Homeland Security Investigations Innovation Lab in Arlington, were announced by George Mason University's Terrorism, Transnational Crime and Corruption…

Security researchers Dtex conducted a study on the top insider risk trends for 2022 and discovered that twelve percent of all employees take sensitive intellectual property (IP) with them when they leave an organization. Some of the IP taken from…

The 'Justice Blade' threat actor group published leaked data from Smart Link BPO Solutions, an outsourcing Information Technology (IT) vendor that works with major enterprises and government agencies in Saudi Arabia and other Gulf Cooperation Council (…