Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXFed 'Cyber Trust' Label: Good Intentions That Fall Short
The voluntary program is intended to boost consumer confidence in vulnerable IoT devices, but experts want to see vendors held to a higher standard.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
CrowdStrike Achieves FedRAMP Authorization for New Modules
Trend Micro and Intel Innovate to Weed Out Covert Threats
Zivver Report Reveals Critical Challenges in Email Security for 2025
Palindrome Technologies Approved as Cybersecurity Label Administrator for FCC's IoT Program
Green Bay Packers' Online Pro Shop Sacked by Payment Skimmer
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit card data from 8,500 fans.
Malicious hackers have their own shadow IT problem
Researchers at watchTowr Labs found that abandoned and expired internet infrastructure left by hacking groups can function as backdoors within other backdoors. The post Malicious hackers have their own shadow IT problem appeared first on CyberScoop.
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious. While there are safeguards such as DomainKeys
New Docuseries Spotlights Hackers Who Shaped Cybersecurity
"Where Warlocks Stay Up Late" project speaks to hackers who have played pivotal roles in shaping the field of cybersecurity. The video interviews are complemented by an encyclopedia and an anthropological map.
Unconventional Cyberattacks Aim to Take Over PayPal Accounts
Attackers are abusing a Microsoft 365 feature to send payment requests to users, tricking them into logging in to their accounts so attackers can seize control over them.
Best Practices & Risks Considerations in LCNC and RPA Automation
Low-code/no-code (LCNC) and robotic process automation (RPA) technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits.
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques," Cyfirma said in a technical analysis published last week. "It employs
Top 5 Malware Threats to Prepare Against in 2025
2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance
The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission (FCC) said. "Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear
Ransomware Targeting Infrastructure Hits Telecom Namibia
The southern African telco is the latest entity on the continent to have its critical infrastructure hacked, and attackers release sensitive info online when Telecom Namibia refuses to negotiate.
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-41713 (CVSS score: 9.1) - A path traversal vulnerability in Mitel MiCollab that could allow an attacker
National Cyber Director Harry Coker looks back (and ahead) on the Cyber Director office
Itβs made real strides, but thereβs a lot more that it could be doing, he said, and more that needs to be done. The post National Cyber Director Harry Coker looks back (and ahead) on the Cyber Director office appeared first on CyberScoop.
A Day in the Life of a Prolific Voice Phishing Crew
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone...
1Password Acquires SaaS Access Management Provider Trelica
The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around software-as-a-service sprawl and shadow IT.
Sharing of Telegram User Data Surged After CEO Arrest
Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.
Sharing of Telegram User Data Surges After CEO Arrest
Until September 2024, the encrypted messaging service acceded to 14 requests for user data from the US; that number jumped to 900 after its CEO was detained by French authorities in August.
Pentagon Adds Chinese Gaming Giant Tencent to Federal Ban
The sprawling social media and gaming platform says that being considered a Chinese military business must be a mistake.
White House launches cybersecurity label program for consumers
The White House announced Tuesday the official launch of the U.S. Cyber Trust Mark, a cybersecurity labeling initiative aimed at enhancing the security of internet-connected devices. The initiative tackles rising consumer concerns about the security vulnerabilities of βsmartβ devices essential to modern homes. As households become more dependent on interconnected gadgets β with a 2023 [β¦] The post White House launches...
CISA: Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.
PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.
Android patches several vulnerabilities in first security update of 2025
The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting the core components of Androidβs system. The post Android patches several vulnerabilities in first security update of 2025 appeared first on CyberScoop.
Name That Edge Toon: Greetings and Salutations
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.
Cybercriminals Don't Care About National Cyber Policy
We can't put defense on hold until Inauguration Day.
Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard
US Treasury Department Sanctions Chinese Company Over Cyberattacks
From the Washington Post: The sanctions target Beijing Integrity Technology Group, which U.S. officials say employed workers responsible for the Flax Typhoon attacks which compromised devices including routers and internet-enabled cameras to infiltrate government and industrial targets in the United States, Taiwan, Europe and elsewhere.
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year
It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing threats. Much like a tribute to
State-aligned actors are increasingly deploying ransomware β and thatβs bad news for everyone
The blurring of lines between cybercrime and state-sponsored attacks underscores the increasingly fluid and multifaceted nature of todayβs cyberthreats
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. "The key
CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better understanding of the breach and mitigate its impacts. "The security of federal systems and the data they