Pwn2Own 2020 is a live hacking contest, in which contestants are challenged to exploit widely-used software, Operating system, and mobile devices. Now it’s organized by Trend Micro’s Zero Day Initiative (ZDI) for ethical hackers and security researchers who have participated

The crippling ransomware attack on Norsk Hydro may have been a state-backed attempt to disrupt rather than extort money, and as such provides a “blueprint” for how similar future campaigns may work, Dragos has warned. The security vendor’s principal adversary

The SANS Institute has produced a training kit and additional resources designed to offer organizations, individuals and parents some best practice advice on working from home securely, as the Covid-19 pandemic spreads. The information security training provider claimed its Security

The Fortune 1000 will face significant cyber-loss events in future and will see costs mount up. According to a new research paper by the Cyentia Institute, it is estimated that one in four Fortune 1000 businesses will suffer a cyber-related

Google is this week rolling out its Advanced Protection Program (APP) to all Android users in a bid to improve protection against malicious apps. The APP was originally reserved for high-risk users such as journalists, activists, political campaigners and others.

Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, new campaigns aim at spreading TrickBot and Emotet Trojans. Experts warn of new Coronavirus-themed attacks that are spreading TrickBot and Emotet Trojans. Operators behind these campaigns are

A New TrickBot module discovered brute-forcing RDP connections on selected targets, mostly the telecom industry. TrickBot is a well-know trojan for credential-harvesting, it is active since 2016, and it’s mainly focused on stealing financial data. Security researchers from Bitdefender observed

American incident response and digital forensic services company Crypsis today announced the formation of a new research team dedicated to sharing threat data with the public. Crypsis Threat Research Labs (CTRL) will strive to analyze emerging cybersecurity threats and trends

Cisco fixed 5 security flaws in Cisco SD-WAN that allow attackers to make unauthorized changes to the system, and to execute the arbitrary commands. Out of five, three are high severity flaws and the flaws are due to insufficient input

Health technology company Royal Philips has become the first medical device manufacturer to receive a new product cybersecurity testing certification. The certification–catchily titled UL IEC 62304–was created by independent global safety certification and testing nonprofit company Underwriters Laboratories (UL). The

Companies are offering businesses free cybersecurity support as coronavirus scams proliferate and over-stretched healthcare providers become more vulnerable to cyber-attacks. Irish cybersecurity awareness training company Cyber Risk Aware announced yesterday that it would be providing free COVID-19 phishing tests for

The Magecart Group has revived its activity, with a skimmer placed on the website of blender manufacturer NutriBullet. According to RiskIQ, the group is identified as Magecart Group 8, and RiskIQ was able to catch the attack as it happened.

Trend Micro has found and fixed several critical vulnerabilities in its products, two of which it warned are being exploited in the wild. The security giant released patches for Apex One and OfficeScan XG on Windows, urging customers to upgrade

Financial institutions could have prevented hundreds of millions of pounds worth of fraud over the past three years by implementing a simple payee-checking service online, a consumer rights group has claimed. Which? estimates that GBP1.1 billion has been lost to

Over half a million highly sensitive legal and financial documents have been leaked online by a US loans company after another cloud configuration error. Security researchers at vpnMentor led by Noam Rotem found the database in an unsecured Amazon Web

The online guitar tutoring website TrueFire was compromised by hackers in a classic Magecart style attack that exposed customers’ payment card data. The popular online guitar tutoring website TrueFire has suffered a ‘Magecart‘ style security breach that might have exposed