A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one-third of Australia’s population was stolen has resulted in its first arrest recently.  The police launched Operation…

According to a cloud database provider, only one-third of PostgreSQL databases connected to the Internet use Secure Sockets Layer (SSL) for encrypted messaging. Bit.io, which provides a drag-and-drop PostgreSQL database as a service, used shodan.io to…

VMware recently announced patches for a vCenter Server vulnerability that could lead to arbitrary code execution.  The vCenter Server, a centralized management utility, is used for controlling virtual machines and ESXi hosts, along with their…

A million Facebook users have been "exposed" to seemingly harmless smartphone apps designed to steal their social network passwords, according to Meta. So far this year, Meta has identified over 400 malicious apps tailored for smartphones powered by…

The US authorities are urging voters to critically evaluate any information they receive about the upcoming midterms after warning that foreign actors may seek to sow doubt about the result.  The FBI and the US Cybersecurity and Infrastructure…

Scientists have made significant progress in developing Artificial Intelligence algorithms that can analyze patient data and create new ways to diagnose a disease or predict which treatments work best for different patients. The success of those…

After a hacker stole at least $100 million in cryptocurrency, the world's largest cryptocurrency exchange suspended trading on a smart contract blockchain. The hacker made $586 million from the Binance Smart Chain (BSC) attack. Binance CEO Changpeng "CZ…

By distributing 200 malicious packages and fake hacking tools on code hosting platforms such as NPM and GitHub, the LofyGang threat actors have built a credential-stealing enterprise. Researchers have discovered these packages in supply chain attacks…

According to researchers, attackers are increasingly focused on crafting attacks that are specialized to circumvent Microsoft's default security, thus requiring a shift in defense posture for organizations in the future. A new report from Avanan, which…

Cequence Security published its "API Protection Report: Shadow APIs and API Abuse Explode" report for the first half of 2022. Approximately 5 billion (31 percent) malicious transactions targeted unknown, unmanaged, and unprotected Application Programming…

It has been demonstrated in a new phishing technique that the App Mode feature in Chromium-based web browsers can be abused to create realistic desktop phishing applications. App Mode is intended to provide native-like experiences by launching…

Zscaler researchers have linked a newly discovered sample of LilithBot malware to the Eternity Group, also known as EternityTeam and Eternity Project. The Eternity Group runs a Malware-as-a-Service (MaaS) platform and is linked to the Russian "Jester…