A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum.

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece

Security researcher Kristin Paget, known in the cybersecurity industry as Hacker Princess, has won the (ISC)2 Diversity Award. US resident Paget was among the 2020 Global Achievement Awards honorees named today by the world’s largest nonprofit association of certified cybersecurity

A new phishing tactic which targets Verizon customers to steal user credentials, passwords and personal details has been detected. According to research by Armorblox, the email resembles a secure message from Verizon Support and is titled “Your attention is urgently

Configuration errors are the number one threat to cloud security, according to a new poll of IT and security professionals by Check Point. The security vendor interviewed 653 industry professionals to compile its 2020 Cloud Security Report. Three-quarters (75%) claimed

Product complexity and a lack of in-house skills mean many organizations are failing to fully realize the benefits of their cloud access security broker (CASB) solutions, according to the Cloud Security Alliance (CSA). The industry body polled over 200 IT

Security experts are warning of a 430% year-on-year increase in attacks targeting open source components directly in order to covertly infect key software supply chains. There were 929 attacks recorded between July 2019 and May 2020, according to Sonatype’s annual

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has released an analytical report on the previously

A security researcher has discovered that a threat actor controlled roughly 23% of the Tor network’s exit nodes. A security researcher named Nusenu revealed that in May a malicious controlled roughly 23% of the entire Tor network’s exit nodes. Experts

California cybersecurity company FireEye today announced that it is opening up its bug bounty program to the public. FireEye previously set up a private bug bounty program in partnership with Bugcrowd. As of today, the company is extending the program

A non-profit social services agency in Florida has been hit by a data breach after a security incident affected one of its outside vendors. Pace Center for Girls has issued a warning to its supporters after the organization discovered some

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Researchers from SentinelOne discovered new variants of the popular Agent Tesla Trojan that

Only 2% of organizations have run incident response scenarios related to the pandemic response. According to research by Immersive Labs of 402 organizations, nearly 40% are not fully confident in their teams training to handle a data breach if one

Citrix released an update covering multiple vulnerabilities in Citrix Endpoint Management (CEM) also referred to as XenMobile. Chaining the vulnerabilities allows an unauthenticated remote attacker to gain control over the Citrix Endpoint Management (CEM) server. The vulnerabilities can be tracked

Around a third (33%) of UK universities have been targeted with ransomware, freedom of information (FOI) requests submitted by the agency TopLine Comms have revealed. Of the 134 universities the requests were sent to, 105 responded. Of these, 35 (33%)

The SANS Institute has revealed that hundreds of emails from an internal account were forwarded to an unknown third party, compromising 28,000 records of personally identifiable information (PII). The global cybersecurity training and certifications organization said in a statement that