Security researchers have discovered yet another destructive malware variant targeting Ukrainian machines, the fourth so far this year. ESET claimed to have made the find yesterday, noting that the “CaddyWiper” malware was seen on a few dozen systems in…

Checkmarx has shared its findings from a survey of application security (AppSec) managers and software developers. The goal of the survey was to highlight the most significant security challenges being faced by AppSec managers and software developers in…

A malware distribution operation has been discovered on YouTube. According to security researchers in Korea who discovered the operation, it involves using Valorant cheat lures to trick gamers into installing an information stealer called RedLine Stealer…

The Japanese car parts giant Deso has revealed that hackers recently accessed its network in Germany to deliver a piece of ransomware. After detecting the breach, the company shut down the compromised devices' network connections. Despite this response,…

The gaming giant Ubisoft, headquartered in Montreuil, France, said on March 10 that an incident took place earlier this month, causing temporary disruption to some of their games, systems, and services.  Ubisoft's IT team is currently working with…

According to new research from Accenture, the cybercrime underground has fractured into pro-Ukraine and pro-Russia camps.  The pro-Russia threat actors are increasingly focused on critical national infrastructure (CNI) targets in the West.  The…

After the Apache Foundation disclosed and fixed the Log4j vulnerability, over 4 in 10 downloads of the logging tool from the Maven Central Java package repository remained vulnerable versions. A dashboard launched by the Maven Central administrator…

Sander Zeijlemaker, a researcher at Radboud University, calls on companies to invest smarter rather than invest more to efficiently limit the risks of cyberattacks. Many organizations still mainly choose to invest based on past information. Zeijlemaker…

Researchers at Avanan have discovered evidence of a phishing campaign that uses a trick involving text color in an email. The phishing emails include text that is covered in white that hides from the end-user and evades phishing filters. This technique…

The US Securities and Exchange Commission (SEC) has proposed new rules designed to increase transparency around cybersecurity incident reporting.  The SEC wants listed companies to disclose a “material cybersecurity incident” within four business…

Security researchers at HackerOne have conducted a survey and found that enterprises are putting greater stock in cybersecurity, but outdated “security by obscurity” is still prevailing as companies wrestle with security awareness and shy away from bug-…

Spectre hardware design bugs in processors remain an issue as researchers at the security vendor VUSec have demonstrated how to revive the data leak vulnerability. According to the researchers, attackers can get around software fixes such as Retpoline…