A recent government-wide cybersecurity risk assessment, carried out by the OMB, in coordination with the Department of Homeland Security (DHS), highlights several serious issues that continue to imperil federal cybersecurity and ultimately put the nation at risk.
This was a busy week with lots of new variants of active ransomware being released. We also have Sigrun offering free decryption to Russian victims and an awesome facepalm waiting for you at the end of the article.
An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware.
The vast majority of Redis servers left open on the Internet without any authentication system in place are most likely harboring malware, an Imperva spokesperson said.
The author of the Sigrun Ransomware is providing decryption for Russian victims for free, while asking for a ransom payment of $2,500 in Bitcoin or Dash for everyone else.
Google has announced today a new security mechanism for Pixel 2 smartphones, for which, in the near future, it would be impossible to update or replace the phone's firmware without entering the user's password.
Eventbrite-owned ticket distribution service Ticketfly has taken its website offline today after a hacker defaced its frontpage and stole a part of its customer database.
Some of the recent additions to the Cascading Style Sheets (CSS) web standard are so powerful that a security researcher has abused them to deanonymize visitors to a demo site and reveal their Facebook usernames, avatars, and if they liked a particular web page of Facebook.
Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years. The vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients.
A North Korean cyber-espionage group has exploited an ActiveX zero-day to infect South Korean targets with malware or steal data from compromised systems, local media and security researchers have reported.
The creators of the encrypted email service, ProtonMail, have released a free version of their ProtonVPN VPN software for macOS. Even though the free version does not contain the full features that you would come to expect from a paid VPN service, it is more than capable of obfuscating IP addresses and your location.
A vulnerability exists in the Windows operating system's JScript component that can allow an attacker to execute malicious code on a user's computer.
Three years ago it was revealed that automatic tank gauges at approximately 5,000 US gas stations were exposed on the Internet, without password protection. Currently, according to a recent scan, 5,635 gas stations with the same vulnerability have been found.
Keys to the Universal Music Group's IT kingdom were made available online this month due to a forgetful IT contractor, Bleeping Computer has learned.
A new variant of the Cryptomix Ransomware has been discovered that appends the .BACKUP extension to encrypted files, changes the contact email, and provides a different ransom note message.
Honda Car India has left the personal details of over 50,000 users exposed on two public Amazon S3 buckets, according to a report published today by Kromtech Security.
The developers behind Git and various companies providing Git repository hosting services have pushed out a fix to patch a dangerous vulnerability in the Git source code versioning software.
A 23-year-old Canadian man who hacked into Yahoo and Gmail accounts on behalf of Russian Secret Service (FSB) agents was sentenced to five years in prison and a fine of $250,000.
With the recent report about the VPNFilter router infection, the FBI has advised everyone to reboot their router. This article explains why this is not enough and that more steps are needed to fully remove the infection and protect your device.