Security vulnerabilities have been discovered in two widely used Point-of-Sale (PoS) terminals that could allow cybercriminals to conduct a number of malicious activities such as stealing credit card details, cloning terminals, and more. The…

Researchers are warning of an active ransomware campaign that is targeting MySQL database servers.  MySQL is an open-source relational database management system.  The ransomware is called PLEASE_READ_ME, and has so far breached at least 85,000…

Valve fixed critical bugs (CVE-2020-6016, CVE-2020-6017, CVE-2020-6018, and CVE-2020-6019) in its Steam gaming client, a popular platform for video games like Counter Strike: Global Offensive, Dota2, and Half Life.  The first three CVEs score 9.8…

Nadya Bliss, the executive director of Arizona State University's Global Security Initiative, and her colleagues from the University of Maryland, Lehigh University, Cornell University, and the University of Utah are calling on technologists to prioritize…

Palo Alto's Unit 42 developed a tool to help security teams visualize the techniques used by the attack group behind the Egregor ransomware attacks and to improve responses to these attacks. The Unit 42 ATOM Viewer allows security professionals to view…

A team of researchers at CyberMDX discovered flaws in more than one hundred different GE Healthcare imaging and ultrasound products widely used in US hospitals. The exploitation of these vulnerabilities could allow attackers to gain access to Protected…

Google has open-sourced its Python fuzzing utility called Atheris. Fuzzing refers to the process of feeding a software application with invalid or random data until it reveals a flaw. The goal of fuzzing is to find and fix vulnerabilities in software…

Cybersecurity firm FireEye has recently been affected by an attack where adversaries stole their Red Team assessment tools that the company uses to test its customers' security.  Researchers believe that state-sponsored actors were behind the hack…

The Amsterdam-based European Medicines Agency (EMA) working on the approval of two COVID-19 vaccines has revealed that it has faced a cyberattack. According to the U.S. drugmaker Pfizer and its German partner BioNTech, the cyberattack on the drugs…

The U.S. Cyber Command has announced that the U.S. and Australia signed an agreement to work together to develop a virtual cyber training range. The Cyber Training Capabilities Project Arrangement supports the advancement of USCYBERCOM's Persistent Cyber…

A team of computer scientists from the National University of Singapore demonstrated how robot vacuum cleaners could be used to eavesdrop on private conversations using built-in LIDAR (Light Detection and Ranging) sensors. They used a new method, called…

Security researchers at CrowdStrike are warning organizations that are victims of sophisticated cyber-attacks to not think of intrusions as a one-off event, as most organizations end up getting hit again within the year. The researchers found that 68…