Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023The IBM Cost of...
Google to Delete Billions of Browsing Records in ‘Incognito Mode’ Privacy Lawsuit Settlement
Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the search giant...
Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds."Savvy Seahorse is...
VMware Patches Severe Security Flaws in Workstation and Fusion Products
Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger...
SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC."SystemBC can be purchased on underground marketplaces and...
WinZip trial popup vulnerability lets hackers drop malware
The worker customer correspondence in specific renditions of the WinZip document pressure apparatus is uncertain and could be altered to serve malware or fake...
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for...
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month."Since mid-December...
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023.The vulnerabilities...
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on...
