Researchers at Sophos Labs have unearthed a fraudulent scam that exploits iPhone users looking for love via dating apps.   Under the CryptoRom scam, victims are contacted through their dating app account, and the scammer gains the victim’s trust by…

Security researchers at Symantec are warning of a newly discovered ransomware variant currently being used in targeted attacks.  The new ransomware is dubbed “Yanluowang” after the .yanluowang extension it adds to encrypted files.  The…

Several studies call into doubt the notion that neural networks are black boxes that do not reveal anything about what is happening inside. Researchers at the University of Caen Normandy in France performed a membership attack to expose hidden training…

OpenOffice and LibreOffice have pushed updates to address a vulnerability that could allow an attacker to spoof signed documents. The vulnerability is classified as mild in severity, but its exploitation could lead to severe consequences. The…

A team of researchers from George Mason University (GMU), Dartmouth College, and HP did a study on the inner workings of cybersecurity incident response teams (CSIRTs), which led to the development of a framework that applies behavioral psychology…

Technology giant Microsoft has disclosed that it mitigated a DDoS attack of 2.4 terabytes per second, which targeted an undisclosed European customer using its cloud computing service Microsoft Azure.  According to Microsoft, the attack, observed in…

An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.   Researchers at security consulting and testing company Pen Test Partners discovered the…

A recent alert from the Health Sector Cybersecurity Coordination Center (HC3) of the Department of Health and Human Services (HHS) brings attention to Medusa, also known as TangleBot, which is a malware variant spreading via SMS and targeting Android…

Researchers at BlueVoyant discovered that 93% of global organizations have suffered a direct breach due to weaknesses in their supply chains over the past year. The cybersecurity services company polled 1200 IT and procurement leaders responsible for…

The U.S. Food and Drug Administration (FDA) issued a notice regarding the recall of all Medtronic MiniMed remote controllers used with the Medtronic MiniMed 508 insulin pump or the MiniMed Paradigm family of insulin pumps because of potential…

The National Security Agency (NSA) recently issued guidance regarding risks associated with wildcard TLS certificates and Application Layer Protocols Allowing Cross-Protocol Attack (ALPACA) techniques. The new guidance calls on network administrators to…

Researchers at Ermetic announced the results of a study about the security posture of AWS environments and their vulnerability to ransomware attacks. For the study, researchers mapped out scenarios in which the right combination of permissions would…