Rapid7 recorded every attempt to compromise two common types of servers over a 12-month period using its honeypot network, discovering that the attempted credential attacks resulted in 512,000 permutations. Almost all of those passwords are found in a…

According to the first ever Interpol Global Crime Trend report, Cyber-related crimes such as money laundering, ransomware, and phishing pose the biggest threat to society.  The inaugural study was compiled from data received from the 195 member…

Open-source security is a major theme in enterprise security. Following a surge of software supply chain attacks against vendors such as SolarWinds and Colonial Pipeline, President Biden issued an Executive Order (EO) requiring organizations to develop…

Advocate Aurora Health informed 3 million patients of a data breach that may have exposed Protected Health Information (PHI). The breach was caused by the nonprofit health system's use of Google and Meta tracking pixels, which are widely used tools for…

Cisco is warning administrators of Cisco Identity Services Engine (ISE) solutions about two vulnerabilities that could be exploited to read and delete files on an affected device, as well as execute arbitrary scripts or access sensitive information. The…

Mandiant researchers are warning of a major shift from URSNIF's original purpose, with the malware now used to deliver next-stage payloads and steal sensitive data. The malware was initially used in banking fraud. The new variant, dubbed LDR4, was…

A BlackByte ransomware affiliate is quickly stealing data from compromised Windows devices using a new custom data-stealing tool called 'ExByte.' One of the most important functions in double-extortion attacks is data exfiltration. Ransomware operations…

Wordfence, a WordPress security company, announced that it began detecting exploitation attempts targeting the newly disclosed Apache Commons Text flaw on October 18, 2022. The vulnerability, CVE-2022-42889, also known as Text4Shell, has been assigned a…

As cybercrime incidents continue to rise, a consortium of research institutes, private enterprises, and universities has formed the Silhouette project to develop solutions for encrypting data in the optical domain that is considered safe from tampering…

The US National Institute of Standards and Technology (NIST) has challenged the world's cryptographers to develop encryption techniques to thwart cyberattacks by powerful quantum computers. Commonwealth Cyber Initiative (CCI) researchers from Virginia…

The Sherlock Cloud Solutions and Services Division (Sherlock) of the San Diego Supercomputer Center (SDSC) at UC San Diego works to solve the mysteries that cyberinfrastructure and cloud computing can present to the people and places served by the…

It has recently been discovered that hackers have breached the cloud-based data network of one of Australia's largest health insurers, potentially exposing the personal information of millions of patients throughout the country.  Medibank stated…