A new Booz Allen Hamilton report examined more than a dozen Chinese-sponsored cyberattacks over the last decade. According to Booz Allen Hamilton, Chinese government-sponsored cyberattacks present a challenge to US national security interests both at…

Ransomware attacks are taking on new dimensions. As people's work habits, daily routines, geographic locations, and trust in institutions changed in the face of global political shifts and the COVID-19 pandemic, ransomware attacks took advantage of the…

Security researchers at Symantec have warned that a China-linked cyberespionage group was recently observed targeting a state legislature in the United States.  Active since at least 2010, the group is tracked as APT27, Bronze Union, Budworm,…

The US Department of Defense (DOD) Office of Naval Research (ONR) has awarded $9 million to North Carolina Agricultural and Technical State University researchers to investigate how to create trustworthy, reconfigurable, and secure Artificial…

Palo Alto Networks and Aruba Networks have recently released patches for severe vulnerabilities affecting their products.  An advisory published by Palo Alto Networks on October 12 informs customers about a high-severity authentication bypass…

People are being tricked by an Android banking malware attack into entering their phone number and other sensitive information into phishing websites, which cybercriminals then use to call victims and further deceive them into installing malware on…

Forescout's research team examined 19 million connected devices deployed across five industries to identify the riskiest device groups, which are smart buildings, medical devices, networking equipment, IP cameras, VoIP, and video conferencing systems.…

Since at least September 2021, an Advanced Persistent Threat (APT) group known as POLONIUM has used custom backdoors in attacks against Israeli entities. The POLONIUM APT group targeted only Israeli targets and launched attacks on more than a dozen…

Researchers discovered a threat actor distributing a data-stealing mobile Trojan through a spoofed version of YoWhatsApp, a relatively popular modified version of the WhatsApp messaging app. Users who install the app risk having their WhatsApp account…

Researchers discovered a new attack and command-and-control (C2) framework known as 'Alchimist,' which appears to be actively used in attacks against Windows, Linux, and macOS systems. The framework and its files are 64-bit executables written in GoLang…

A novel timing attack against the npm's registry Application Programming Interface (API) can potentially be used to reveal private packages used by organizations, thus putting developers at risk of supply chain threats. Threat actors can detect…

Jedidiah Crandall, an associate professor of computer science at Arizona State University (ASU), is conducting research on the effectiveness of Virtual Private Networks (VPNs). Crandall explains that VPNs conceal a user's Internet Protocol (IP) address…