The sharing mentality is starting to take hold across the cybersecurity industry, with the vast majority of security decision-makers confessing that they would be willing to share threat intelligence, according to a new publication by IronNet. The report, Collective Offense

Google discloses security bug that affects Bluetooth Low Energy (BLE) version of the Titan Security Keys, non-Bluetooth security keys are not affected. For the affected users, as an immediate measure, Google offering free replacement key. To check if you are

Customers of Boost Mobile are being urged to change their passwords and PINs after the company announced that it detected unauthorized activity from a third party. “On March 14, 2019, Boost.com experienced unauthorized online account activity in which an unauthorized

Last week Infosecurity Magazine reported on threat intelligence published by Advanced Intelligence (AdvIntel) claiming that three US antivirus companies had been hacked by a top-tier Russian hacking collective. While the original research did not identify the impacted companies, both Gizmodo

Fast Retailing Co., Asia’s largest retailer, released a statement acknowledging that hackers likely gained access to the personal information of nearly half a million Uniqlo and GU brand e-commerce portal users. “It was confirmed on May 10, 2019 that an

Twitter confirmed revealed that a bug in its iOS app it the root cause for an inadvertent collection of location data and sharing it with a third-party. A new story of a violation of the user’s privacy made the lines,

Healthcare organizations (HCOs) are increasingly at risk from legacy operating systems, device complexity and the use of commonly exploited protocols, according to a new study from Forescout. The security vendor analyzed 75 global healthcare deployments running over 1.5 million devices

Microsoft released fixes for 79 unique vulnerabilities yesterday, including 22 critical bugs — one of which could be used to spread malware around the globe. Microsoft detailed the potential impact of CVE-2019-0708 in a separate blog post on Tuesday. This

Researchers have discovered a major new set of vulnerabilities in nearly all post-2011 Intel chips which could enable side-channel attacks targeting sensitive information. ZombieLoad is reminiscent of Spectre and Meltdown bugs reported in January 2018 in that it affects not

Security researchers a new malware campaign that delivers Plead malware by abusing legitimate software that developed by ASUS Cloud Corporation. The PLEAD malware found to be active since 2012, and the executables are signed with the stolen certificate. The new

Millions of computers powered by Intel processors are affected by a new class of vulnerabilities (MDS) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could

Adobe released security updates for May that includes the fix for 87 vulnerabilities with Media Encoder, Flash Player and Adobe Reader. Successful exploitation of the vulnerability allows an attacker to run arbitrary code in the context of the current user.

Two critical vulnerabilities named as Thrangrycat affected millions of Cisco products that deployed in private and government entities allow hackers to bypass Cisco’s secure boot mechanism called Trust Anchor module (TAm). Cisco Trust Anchor module (TAm) proprietary hardware security module

The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester.

Equifax has incurred losses so far of over $1.35bn from a devastating 2017 breach which affected more than half of all Americans and millions of UK consumers, the firm revealed in its latest financials. The credit agency claimed in its

WhatsApp is urging its global users to update their app after fixing a serious remote code execution (RCE) vulnerability which was being exploited in a highly targeted attack, potentially by a nation state. The Facebook-owned mobile comms giant, which has