A new tech consortium launched today with a mission to drive adoption of post-quantum cryptography (PQC). The PQC Coalition features Microsoft, IBM Quantum, MITRE, PQShield, SandboxAQ and the University of Waterloo among its founding members. The goal will be to improve uptake of PQC in commercial and open source technologies. Quantum computing represents an existential threat […]
Sony has launched an investigation after a cybercrime group claimed to have compromised the company’s systems, offering to sell stolen data. A representative of the Japanese electronics and entertainment giant told SecurityWeek that it’s currently investigating the situation and has no further comments at this time. The probe was launched after a relatively new ransomware […]
Identity & Access Management , Multi-factor & Risk-based Authentication , Security Operations Windows 11 Now Offers Passwordless Authentication, Config Refresh, Policy Control Michael Novinson (MichaelNovinson) • September 26, 2023 Image: Shutterstock Microsoft updated Windows 11 on Tuesday to simplify passwordless adoption, protect against malicious code and have the ability to refresh configuration in […]
Sep 27, 2023THNZero Day / Vulnerability Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the […]
Cyber Insurance , Fraud Management & Cybercrime , Governance & Risk Management No Word Yet on Hospital Chain’s Cyber Insurance Claim, Multiple Lawsuits Pending Marianne Kolbasuk McGee (HealthInfoSec) • September 25, 2023 Image: CommonSpirit Chicago-based CommonSpirit is still waiting to hear back on its insurance claim for an October 2022 ransomware attack, but […]
The ZeroFont phishing technique exploits flaws in AI and natural language processing systems to insert hidden words or characters in emails, evading security filters and tricking recipients.
After months of hiatus, Xenomorph is back targeting thousands of banking customers across multiple countries. According to research by ThreatFabric, the campaign has been active since August and attackers are using a new variant of the Android malware that adds overlays for multiple crypto wallets, and targets over 30 banking institutions in the U.S. and […]
The infamous ALPHV ransomware group, also recognized as Black Cat hacker collective, has revealed the list of its latest victims. With a growing list of compromised entities, the group has lately honed in on three fresh targets in its most recent targeted attacks. In this latest series of cyber attacks, Clarion, Phil-Data Business Systems Inc, […]
Sep 26, 2023THNEndpoint Security / Password Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric […]