Two Indian vaccine makers and an Oxford University lab are reportedly among the latest targets of hackers apparently seeking to steal COVID-19 research data.
A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.
Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.
Proofpoint reports that Chinese state-sponsored hackers are using a new customized malicious Mozilla Firefox browser extension that facilitates access and control of victims’ Gmail accounts. So far, the hackers are targeting Tibetan organizations.
Authorities have accused Serbia-based scammers of capitalizing on the "initial coin offering" bubble that began in 2017, bilking global cryptocurrency investors out of $70 million via Bitcoiin2Gen and other supposed coins and hiring actor Steven Seagal to endorse them.
The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.
SonicWall was recently attacked via a zero-day flaw in one of its own products. Curiously, SonicWall hasn't said much about the extent and damage of the breach since its announcement. But there are strong indications it may have been targeted by an extortion attempt.
Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.
Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
The "Cuba" ransomware gang has hit Seattle-based Automatic Funds Transfer Services, which processes data from California's Department of Motor Vehicles as well as many cities in Washington. Victim organizations say AFTS is investigating the incident and that an unknown amount of individuals' data was exposed.
In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
